Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2025-03-25 CVE-2024-31896 IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
CWE-327
5.9
2025-03-20 CVE-2025-2539 The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.9.9.0.1.
network
low complexity
CWE-327
7.5
2025-03-14 CVE-2024-45643 IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.
network
high complexity
CWE-327
5.9
2025-02-19 CVE-2024-28780 IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client  uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
CWE-327
5.9
2025-02-06 CVE-2024-49797 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-327
5.9
2025-02-04 CVE-2025-22475 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Data Domain Operating System
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability.
network
low complexity
dell CWE-327
7.5
2025-01-27 CVE-2024-38320 IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
CWE-327
5.9
2025-01-20 CVE-2024-22347 IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.
network
high complexity
CWE-327
5.9
2025-01-07 CVE-2024-52366 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Concert Software
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-327
5.9
2025-01-04 CVE-2024-41763 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Engineering Lifecycle Optimization Publishing 7.0.2/7.0.3
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5