Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2019-09-09 CVE-2019-16143 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Blake2 Blake2-Rust
An issue was discovered in the blake2 crate before 0.8.1 for Rust.
network
low complexity
blake2 CWE-327
critical
9.8
2019-09-04 CVE-2019-12587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Espressif Esp-Idf and Esp8266 Nonos SDK
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point.
low complexity
espressif CWE-327
8.1
2019-08-30 CVE-2018-18371 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser.
network
low complexity
broadcom CWE-327
6.5
2019-08-22 CVE-2019-9155 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Openpgpjs
A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.
network
high complexity
openpgpjs CWE-327
5.9
2019-08-21 CVE-2019-12621 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cisco products
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack.
network
high complexity
cisco CWE-327
7.4
2019-08-20 CVE-2019-5035 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Nest CAM IQ Indoor Firmware 4620002
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002.
network
high complexity
google CWE-327
critical
9.0
2019-08-15 CVE-2019-9013 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Codesys products
An issue was discovered in 3S-Smart CODESYS V3 products.
low complexity
codesys CWE-327
8.8
2019-08-14 CVE-2019-9506 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation.
8.1
2019-08-07 CVE-2016-5431 Use of a Broken or Risky Cryptographic Algorithm vulnerability in PHP Jose Project PHP Jose
The PHP JOSE Library by Gree Inc.
network
low complexity
php-jose-project CWE-327
7.5
2019-08-05 CVE-2019-5502 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netapp Data Ontap
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
network
low complexity
netapp CWE-327
critical
9.1