Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2022-02-28 CVE-2022-0377 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Thimpress Learnpress
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration.
network
low complexity
thimpress CWE-327
4.3
2022-02-26 CVE-2020-36516 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.16.11.
network
high complexity
linux netapp CWE-327
5.9
2022-01-21 CVE-2021-31562 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Fresenius-Kabi products
The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies that may allow an attacker to compromise SSL/TLS sessions in different ways.
network
low complexity
fresenius-kabi CWE-327
critical
9.1
2022-01-21 CVE-2021-33846 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Fresenius-Kabi products
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key.
network
low complexity
fresenius-kabi CWE-327
7.2
2022-01-10 CVE-2021-38921 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2022-01-10 CVE-2021-40006 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei Harmonyos 2.0
Vulnerability of design defects in the security algorithm component.
low complexity
huawei CWE-327
4.6
2022-01-04 CVE-2021-38542 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apache James 2.2.0/3.3.0/3.4.0
Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command.
network
high complexity
apache CWE-327
5.9
2021-12-28 CVE-2021-42583 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Foxcpp Maddy
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
network
low complexity
foxcpp CWE-327
7.5
2021-12-27 CVE-2021-43550 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Efficia CM Firmware and Patient Information Center IX
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
low complexity
philips CWE-327
6.5
2021-12-27 CVE-2021-45696 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sha2 Project Sha2 0.9.7
An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 for Rust.
network
low complexity
sha2-project CWE-327
critical
9.8