Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-38921 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
5.0
2021-12-28 CVE-2021-42583 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Foxcpp Maddy
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
network
low complexity
foxcpp CWE-327
5.0
2021-12-27 CVE-2021-43550 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Efficia CM Firmware and Patient Information Center IX
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
low complexity
philips CWE-327
3.3
2021-12-27 CVE-2021-45709 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Crypto2 Project Crypto2
An issue was discovered in the crypto2 crate through 2021-10-08 for Rust.
network
low complexity
crypto2-project CWE-327
7.5
2021-12-25 CVE-2021-45485 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Linux Kernel
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
network
low complexity
linux CWE-327
5.0
2021-12-25 CVE-2021-45486 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Linux Kernel
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
local
low complexity
linux CWE-327
2.1
2021-12-25 CVE-2021-45487 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netbsd
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
network
low complexity
netbsd CWE-327
5.0
2021-12-25 CVE-2021-45488 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netbsd
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
network
low complexity
netbsd CWE-327
5.0
2021-12-23 CVE-2017-2488 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apple Remote Desktop
A cryptographic weakness existed in the authentication protocol of Remote Desktop.
network
low complexity
apple CWE-327
5.0
2021-12-21 CVE-2021-45450 Use of a Broken or Risky Cryptographic Algorithm vulnerability in ARM Mbed TLS
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
network
low complexity
arm CWE-327
5.0