Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-05 | CVE-2020-11035 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. | 9.3 |
| 2020-04-17 | CVE-2020-11876 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Zoom Meetings 4.6.11 airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. | 7.5 |
| 2020-04-17 | CVE-2019-20775 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android 9.0 An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150, and SM8150 chipsets) software. | 5.5 |
| 2020-04-17 | CVE-2020-10377 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mitel Mivoice Connect and Mivoice Connect Client A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. | 9.8 |
| 2020-04-17 | CVE-2020-11872 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Bluetrace Opentrace 1.0 The Cloud Functions subsystem in OpenTrace 1.0 might allow fabrication attacks by making billions of TempID requests before an AES-256-GCM key rotation occurs. | 7.5 |
| 2020-04-16 | CVE-2019-14001 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Qualcomm products Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QM215, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20 | 7.8 |
| 2020-04-14 | CVE-2020-11005 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Windowshello Project Windowshello The WindowsHello open source library (NuGet HaemmerElectronics.SeppPenner.WindowsHello), before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. | 5.5 |
| 2020-04-14 | CVE-2018-6402 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Ecobee Ecobee4 Firmware 4.2.0.171 Ecobee Ecobee4 4.2.0.171 devices can be forced to deauthenticate and connect to an unencrypted Wi-Fi network with the same SSID, even if the device settings specify use of encryption such as WPA2, as long as the competing network has a stronger signal. | 7.5 |
| 2020-04-08 | CVE-2018-21058 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android 7.0/8.0 An issue was discovered on Samsung mobile devices with N(7.0), O(8.0) (exynos7420 or Exynos 8890/8996 chipsets) software. | 9.8 |
| 2020-04-03 | CVE-2020-10601 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and insecure permissions which may allow a local attacker to bypass the password-protected mechanism through brute-force attacks, cracking techniques, or overwriting the password hash. | 7.8 |