Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-05 | CVE-2019-17598 | Inadequate Encryption Strength vulnerability in Lightbend Play Framework An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. | 4.3 |
2019-11-04 | CVE-2013-4104 | Inadequate Encryption Strength vulnerability in Cryptocat Project Cryptocat Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol | 5.0 |
2019-10-29 | CVE-2019-4339 | Inadequate Encryption Strength vulnerability in IBM Security Guardium BIG Data Intelligence 4.0 IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2019-10-15 | CVE-2019-17356 | Inadequate Encryption Strength vulnerability in Infinitestudio Infinite Design 3.4.12 The Infinite Design application 3.4.12 for Android sends a username and password via TCP without any encryption during login, as demonstrated by sniffing of a public Wi-Fi network. | 3.3 |
2019-10-10 | CVE-2019-1338 | Inadequate Encryption Strength vulnerability in Microsoft Windows 7 and Windows Server 2008 A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses, aka 'Windows NTLM Security Feature Bypass Vulnerability'. | 4.3 |
2019-09-27 | CVE-2019-9399 | Inadequate Encryption Strength vulnerability in Google Android 10.0 The Print Service is susceptible to man in the middle attacks due to improperly used crypto. | 4.3 |
2019-09-17 | CVE-2019-4175 | Inadequate Encryption Strength vulnerability in IBM Cognos Controller 10.4.0/10.4.1 IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2019-08-29 | CVE-2019-15806 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html. | 9.8 |
2019-08-29 | CVE-2019-15805 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. | 9.8 |
2019-08-01 | CVE-2019-14332 | Inadequate Encryption Strength vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. | 4.6 |