Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2020-06-02 CVE-2020-4367 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Planning Analytics Local
IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-06-01 CVE-2020-13757 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext.
7.5
2020-05-27 CVE-2020-4379 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-05-27 CVE-2020-4350 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-05-27 CVE-2020-4349 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-05-18 CVE-2020-13135 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dlink Dsp-W215 Firmware 1.26B03
D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy.
low complexity
dlink CWE-327
6.5
2020-05-14 CVE-2019-13022 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Jetstream Jetselect
Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding password generation algorithm (used to set initial passwords upon first installation).
network
low complexity
jetstream CWE-327
critical
9.8
2020-05-06 CVE-2020-6861 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Ledger Monero
A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC.
local
low complexity
ledger CWE-327
5.5
2020-05-05 CVE-2020-11035 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm.
network
low complexity
glpi-project fedoraproject CWE-327
critical
9.3
2020-04-17 CVE-2020-11876 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Zoom Meetings 4.6.11
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context.
network
low complexity
zoom CWE-327
7.5