Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-27 | CVE-2022-2582 | The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. | 4.3 |
| 2022-12-26 | CVE-2022-24116 | Certain General Electric Renewable Energy products have inadequate encryption strength. | 9.8 |
| 2022-12-23 | CVE-2022-47931 | Inadequate Encryption Strength vulnerability in Iofinnet Tss-Lib IO FinNet tss-lib before 2.0.0 allows a collision of hash values. | 9.1 |
| 2022-12-19 | CVE-2022-38659 | Inadequate Encryption Strength vulnerability in Hcltech Bigfix Platform In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent. | 7.8 |
| 2022-12-08 | CVE-2022-46825 | Inadequate Encryption Strength vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects. | 3.3 |
| 2022-12-02 | CVE-2022-2640 | Inadequate Encryption Strength vulnerability in Hornerautomation Rcc972 Firmware 15.40 The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. | 7.5 |
| 2022-11-29 | CVE-2022-4036 | Inadequate Encryption Strength vulnerability in Dwbooster Appointment Hour Booking The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. | 5.3 |
| 2022-11-15 | CVE-2022-45379 | Inadequate Encryption Strength vulnerability in Jenkins Script Security Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks. | 7.5 |
| 2022-11-01 | CVE-2020-4099 | Inadequate Encryption Strength vulnerability in Hcltech Verse 12.0.9 The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. | 7.5 |
| 2022-10-11 | CVE-2022-41209 | Inadequate Encryption Strength vulnerability in SAP Customer Data Cloud 7.4 SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. | 5.2 |