Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-28 | CVE-2016-9121 | Inadequate Encryption Strength vulnerability in Go-Jose Project Go-Jose go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. | 9.1 |
2017-03-27 | CVE-2017-5239 | Inadequate Encryption Strength vulnerability in Eviewgps Ev-07S GPS Tracker Firmware Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle (MitM) listener. | 7.5 |
2017-03-23 | CVE-2016-6225 | Inadequate Encryption Strength vulnerability in multiple products xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. | 5.9 |
2017-03-06 | CVE-2017-5999 | Inadequate Encryption Strength vulnerability in Syspass 2.0 An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently reviewed by cryptographers. | 7.5 |
2017-03-01 | CVE-2016-2879 | Inadequate Encryption Strength vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. | 7.8 |
2017-02-20 | CVE-2016-4693 | Inadequate Encryption Strength vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 7.5 |
2017-02-20 | CVE-2016-4685 | Inadequate Encryption Strength vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 5.9 |
2017-02-16 | CVE-2016-5919 | Inadequate Encryption Strength vulnerability in IBM products IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2017-02-01 | CVE-2016-3034 | Inadequate Encryption Strength vulnerability in IBM Security Appscan Source 9.0.1/9.0.2/9.0.3 IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily. | 4.4 |
2017-01-30 | CVE-2016-7798 | Inadequate Encryption Strength vulnerability in multiple products The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. | 7.5 |