Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-06 | CVE-2021-22170 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gitlab Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content | 7.5 |
2021-11-23 | CVE-2021-22356 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei products There is a weak secure algorithm vulnerability in Huawei products. | 5.9 |
2021-11-15 | CVE-2021-41263 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Discourse Rails Multisite rails_multisite provides multi-db support for Rails applications. | 8.8 |
2021-10-25 | CVE-2020-14264 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Traveler Companion "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK" | 3.9 |
2021-09-30 | CVE-2021-29894 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cloud PAK for Security 1.7.0.0/1.7.1.0/1.7.2.0 IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-09-15 | CVE-2021-29750 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.4.0 IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-09-06 | CVE-2021-40528 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gnupg Libgcrypt The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. | 5.9 |
2021-09-06 | CVE-2021-40529 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. | 5.9 |
2021-09-06 | CVE-2021-40530 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. | 5.9 |
2021-09-02 | CVE-2021-31796 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cyberark Credential Provider An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. | 7.5 |