Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-16 | CVE-2020-8897 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS Encryption SDK A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. | 5.5 |
2020-11-16 | CVE-2020-25694 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. | 8.1 |
2020-11-12 | CVE-2020-17494 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Untangle Firewall NG Untangle Firewall NG before 16.0 uses MD5 for passwords. | 5.0 |
2020-10-29 | CVE-2020-27653 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Synology Diskstation Manager and Router Manager Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. | 8.3 |
2020-10-29 | CVE-2020-27652 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Synology Diskstation Manager and Skynas Firmware Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. | 8.3 |
2020-10-21 | CVE-2020-27611 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Bigbluebutton BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an unintended endpoint. | 7.5 |
2020-10-20 | CVE-2019-9080 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Domainmod DomainMOD before 4.14.0 uses MD5 without a salt for password storage. | 5.0 |
2020-10-16 | CVE-2020-4254 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium BIG Data Intelligence 1.0 IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-10-06 | CVE-2019-4325 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Appscan 10.0.0/10.0.1/9.0.3.14 "HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." | 5.0 |
2020-10-01 | CVE-2020-9491 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apache Nifi In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. | 7.5 |