Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2020-02-11 CVE-2013-2213 Use of a Broken or Risky Cryptographic Algorithm vulnerability in KDE Paste Applet
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output.
local
low complexity
kde CWE-327
5.5
2020-02-04 CVE-2019-4540 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Directory Server
IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-01-30 CVE-2020-5229 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apereo Opencast
Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm.
network
low complexity
apereo CWE-327
8.1
2020-01-28 CVE-2019-4639 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Secret Server 10.6/10.7
IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-01-24 CVE-2019-3700 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Suse Yast2-Security
yast2-security didn't use secure defaults to protect passwords.
local
low complexity
suse CWE-327
3.3
2020-01-21 CVE-2020-6857 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Taskautomation Carbonftp 1.4
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key.
local
low complexity
taskautomation CWE-327
5.5
2020-01-13 CVE-2019-19891 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mitel Sip-Dect Firmware 8.0/8.1
An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an attacker to launch a man-in-the-middle attack.
network
high complexity
mitel CWE-327
5.9
2020-01-09 CVE-2020-1810 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei products
There is a weak algorithm vulnerability in some Huawei products.
network
low complexity
huawei CWE-327
5.3
2020-01-09 CVE-2020-1826 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei Honor Magic2 Firmware
Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability.
local
low complexity
huawei CWE-327
4.4
2019-12-18 CVE-2019-4609 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM API Connect 2018.4.1.7
IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5