Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-02 | CVE-2022-2640 | Inadequate Encryption Strength vulnerability in Hornerautomation Rcc972 Firmware 15.40 The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. | 7.5 |
| 2022-11-29 | CVE-2022-4036 | Inadequate Encryption Strength vulnerability in Dwbooster Appointment Hour Booking The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. | 5.3 |
| 2022-11-15 | CVE-2022-45379 | Inadequate Encryption Strength vulnerability in Jenkins Script Security Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks. | 7.5 |
| 2022-11-01 | CVE-2020-4099 | Inadequate Encryption Strength vulnerability in Hcltech Verse 12.0.9 The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. | 7.5 |
| 2022-10-11 | CVE-2022-41209 | Inadequate Encryption Strength vulnerability in SAP Customer Data Cloud 7.4 SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. | 5.2 |
| 2022-10-10 | CVE-2021-35226 | Inadequate Encryption Strength vulnerability in Solarwinds Network Configuration Manager An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). | 6.5 |
| 2022-10-10 | CVE-2022-3433 | Inadequate Encryption Strength vulnerability in Haskell Aeson The aeson library is not safe to use to consume untrusted JSON input. | 6.5 |
| 2022-10-06 | CVE-2022-3273 | Inadequate Encryption Strength vulnerability in Ikus-Soft Rdiffweb Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | 9.8 |
| 2022-09-19 | CVE-2022-29835 | Inadequate Encryption Strength vulnerability in Westerndigital WD Discovery 4.0.251.0 WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. | 5.3 |
| 2022-09-06 | CVE-2022-35931 | Inadequate Encryption Strength vulnerability in Nextcloud Password Policy Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. | 2.7 |