Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-04 | CVE-2017-1664 | Inadequate Encryption Strength vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |
2018-01-03 | CVE-2017-1000486 | Inadequate Encryption Strength vulnerability in Primetek Primefaces Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution | 9.8 |
2017-12-16 | CVE-2017-14090 | Inadequate Encryption Strength vulnerability in Trendmicro Scanmail 12.0 A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted. | 9.1 |
2017-12-07 | CVE-2017-1271 | Inadequate Encryption Strength vulnerability in IBM Security Guardium 9.0/9.1/9.5 IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. | 7.5 |
2017-12-07 | CVE-2017-17436 | Inadequate Encryption Strength vulnerability in Vaulteksafe Vt20I Firmware An issue was discovered in the software on Vaultek Gun Safe VT20i products. | 8.8 |
2017-11-23 | CVE-2017-13699 | Inadequate Encryption Strength vulnerability in Moxa Eds-G512E Firmware 5.1 An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. | 7.5 |
2017-11-22 | CVE-2017-8174 | Inadequate Encryption Strength vulnerability in Huawei products Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. | 7.5 |
2017-10-24 | CVE-2017-1375 | Inadequate Encryption Strength vulnerability in IBM Storwize Unified V7000 Software 1.5/1.6 IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2017-10-19 | CVE-2012-6707 | Inadequate Encryption Strength vulnerability in Wordpress WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. | 7.5 |
2017-10-01 | CVE-2017-14797 | Inadequate Encryption Strength vulnerability in Philips HUE Bridge Bsb002 Firmware 1707040932 Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network. | 7.5 |