Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-29 | CVE-2019-4256 | Inadequate Encryption Strength vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2019-05-23 | CVE-2019-10855 | Inadequate Encryption Strength vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 mishandles password hashes. | 5.0 |
2019-05-01 | CVE-2018-1608 | Inadequate Encryption Strength vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2019-04-29 | CVE-2018-2007 | Inadequate Encryption Strength vulnerability in IBM API Connect IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2019-04-15 | CVE-2018-1925 | Inadequate Encryption Strength vulnerability in IBM Websphere MQ 9.1.0.0/9.1.0.1/9.1.1 IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 4.3 |
2019-04-07 | CVE-2019-10734 | Inadequate Encryption Strength vulnerability in Trojita Project Trojita 0.7 In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. | 4.3 |
2019-04-07 | CVE-2019-10907 | Inadequate Encryption Strength vulnerability in Airsonic Project Airsonic 10.2.1 Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. | 5.0 |
2019-03-29 | CVE-2019-6481 | Inadequate Encryption Strength vulnerability in Abine Blur 7.8.2431 Abine Blur 7.8.2431 allows remote attackers to conduct "Second-Factor Auth Bypass" attacks by using the "Perform a right-click operation to access a forgotten dev menu to insert user passwords that otherwise would require the user to accept a second-factor request in a mobile app." approach, related to a "Multifactor Auth Bypass, Full Disk Encryption Bypass" issue affecting the Affected Chrome Plugin component. | 5.0 |
2019-03-27 | CVE-2019-9863 | Inadequate Encryption Strength vulnerability in Abus products Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way. | 10.0 |
2019-03-21 | CVE-2019-7161 | Inadequate Encryption Strength vulnerability in Zohocorp Manageengine Adselfservice Plus An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. | 5.0 |