Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2020-26140 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H.
6.5
2021-04-26 CVE-2021-29694 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-04-12 CVE-2020-4965 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-04-07 CVE-2020-36315 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Relic Project Relic
In RELIC before 2020-08-01, RSA PKCS#1 v1.5 signature forgery can occur because certain checks of the padding (and of the first two bytes) are inadequate.
network
low complexity
relic-project CWE-327
5.3
2021-03-18 CVE-2019-14852 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat 3Scale API Management 2.0
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol.
network
low complexity
redhat CWE-327
7.5
2021-03-12 CVE-2020-4831 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Datapower Gateway 10.0.0.0/10.0.0.1/10.0.1.0
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-03-03 CVE-2021-20441 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Bridge
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
ibm CWE-327
5.9
2021-02-24 CVE-2020-12702 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Coolkit Ewelink
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process.
low complexity
coolkit CWE-327
4.6
2021-02-16 CVE-2021-23839 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
OpenSSL 1.0.2 supports SSLv2.
network
high complexity
openssl oracle siemens CWE-327
3.7
2021-02-11 CVE-2020-25493 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Oclean 2.1.2
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic.
network
low complexity
oclean CWE-327
7.5