Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-21 | CVE-2021-45450 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. | 7.5 |
| 2021-12-21 | CVE-2021-45451 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. | 7.5 |
| 2021-12-13 | CVE-2021-39058 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2021-12-09 | CVE-2021-39002 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2021-12-08 | CVE-2021-43808 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Laravel Framework Laravel is a web application framework. | 4.3 |
| 2021-12-06 | CVE-2021-22170 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gitlab Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content | 5.0 |
| 2021-11-23 | CVE-2021-22356 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei products There is a weak secure algorithm vulnerability in Huawei products. | 4.3 |
| 2021-11-19 | CVE-2021-41278 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Edgexfoundry products Functions SDK for EdgeX is meant to provide all the plumbing necessary for developers to get started in processing/transforming/exporting data out of the EdgeX IoT platform. | 2.6 |
| 2021-11-15 | CVE-2021-41263 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Discourse Rails Multisite rails_multisite provides multi-db support for Rails applications. | 6.0 |
| 2021-10-25 | CVE-2020-14264 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Traveler Companion 11.0.5/11.0.6/11.0.7 "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK" | 2.1 |