Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-02 | CVE-2019-18659 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Ready Wireless Emergency Alerts The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential Alert because cryptographic authentication is not used, as demonstrated by MessageIdentifier 4370 in LTE System Information Block 12 (aka SIB12). | 5.0 |
| 2019-10-25 | CVE-2019-4399 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cloud Orchestrator IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2019-10-23 | CVE-2019-8237 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Adobe Acrobat DC Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an insufficiently robust encryption vulnerability. | 10.0 |
| 2019-10-09 | CVE-2019-11341 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android 9.0 On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. | 2.1 |
| 2019-10-09 | CVE-2018-5745 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ISC Bind "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. | 3.5 |
| 2019-10-03 | CVE-2019-13629 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Matrixssl MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. | 4.3 |
| 2019-09-30 | CVE-2019-10492 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Qualcomm products Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 820, SD 820A, SDM439 | 7.2 |
| 2019-09-27 | CVE-2019-3736 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell EMC Integrated Data Protection Appliance Firmware 2.0/2.1/2.2 Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. | 4.0 |
| 2019-09-09 | CVE-2019-16143 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Blake2 Blake2-Rust An issue was discovered in the blake2 crate before 0.8.1 for Rust. | 7.5 |
| 2019-09-04 | CVE-2019-12587 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Espressif Esp-Idf and Esp8266 Nonos SDK The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point. | 4.8 |