Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2020-07-31 CVE-2020-3681 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Qualcomm -
Authenticated and encrypted payload MMEs can be forged and remotely sent to any HPAV2 system using a jailbreak key recoverable from code.
network
low complexity
qualcomm CWE-327
critical
9.8
2020-07-30 CVE-2020-4185 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 10.5/10.6/11.1
IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-07-29 CVE-2020-15098 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Typo3
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, it has been discovered that an internal verification mechanism can be used to generate arbitrary checksums.
network
low complexity
typo3 CWE-327
8.8
2020-07-28 CVE-2020-10927 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netgear R6700 Firmware 1.0.4.8410.0.58
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers.
low complexity
netgear CWE-327
8.8
2020-07-23 CVE-2020-7514 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Schneider-Electric Easergy Builder 1.4.7.2
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker access to the authorization credentials for a device and gain full access.
local
low complexity
schneider-electric CWE-327
7.8
2020-07-01 CVE-2020-7689 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Node.Bcrypt.Js Project Node.Bcrypt.Js
Data is truncated wrong when its length is greater than 255 bytes.
network
low complexity
node-bcrypt-js-project CWE-327
7.5
2020-06-29 CVE-2020-4452 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM API Connect
IBM API Connect V2018.4.1.0 through 2018.4.1.11 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-06-16 CVE-2020-7511 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to acquire a password by brute force.
network
low complexity
schneider-electric CWE-327
7.5
2020-06-04 CVE-2020-4191 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium 11.1
IBM Security Guardium 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
local
low complexity
ibm CWE-327
4.4
2020-06-04 CVE-2020-13777 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3).
network
high complexity
gnu fedoraproject canonical debian CWE-327
7.4