Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2022-12-08 CVE-2022-46825 Inadequate Encryption Strength vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.
local
low complexity
jetbrains CWE-326
3.3
2022-11-29 CVE-2022-4036 Inadequate Encryption Strength vulnerability in Dwbooster Appointment Hour Booking
The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72.
network
low complexity
dwbooster CWE-326
5.3
2022-11-15 CVE-2022-45379 Inadequate Encryption Strength vulnerability in Jenkins Script Security
Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
network
low complexity
jenkins CWE-326
7.5
2022-11-01 CVE-2020-4099 Inadequate Encryption Strength vulnerability in Hcltech Verse 12.0.9
The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures.
network
low complexity
hcltech CWE-326
7.5
2022-10-10 CVE-2021-35226 Inadequate Encryption Strength vulnerability in Solarwinds Network Configuration Manager
An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS).
network
low complexity
solarwinds CWE-326
6.5
2022-10-10 CVE-2022-3433 Inadequate Encryption Strength vulnerability in Haskell Aeson
The aeson library is not safe to use to consume untrusted JSON input.
network
low complexity
haskell CWE-326
6.5
2022-10-06 CVE-2022-3273 Inadequate Encryption Strength vulnerability in Ikus-Soft Rdiffweb
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
network
low complexity
ikus-soft CWE-326
critical
9.8
2022-09-19 CVE-2022-29835 Inadequate Encryption Strength vulnerability in Westerndigital WD Discovery 4.0.251.0
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm.
network
low complexity
westerndigital CWE-326
5.3
2022-09-06 CVE-2022-35931 Inadequate Encryption Strength vulnerability in Nextcloud Password Policy
Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords.
network
low complexity
nextcloud CWE-326
2.7
2022-08-29 CVE-2022-36555 Inadequate Encryption Strength vulnerability in Hytec Hwl-2511-Ss Firmware 1.05
Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which can be easily cracked via a brute-force attack.
network
low complexity
hytec CWE-326
critical
9.8