Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2022-01-21 CVE-2021-33846 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Fresenius-Kabi products
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key.
network
low complexity
fresenius-kabi CWE-327
6.5
2022-01-19 CVE-2022-22310 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server 21.0.0.10/21.0.0.12
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security.
network
low complexity
ibm CWE-327
6.4
2022-01-10 CVE-2021-38921 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Access 10.0.0/10.0.1.0/10.0.2.0
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
5.0
2021-12-28 CVE-2021-42583 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Foxcpp Maddy
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
network
low complexity
foxcpp CWE-327
5.0
2021-12-27 CVE-2021-43550 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Efficia CM Firmware and Patient Information Center IX
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
low complexity
philips CWE-327
3.3
2021-12-27 CVE-2021-45709 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Crypto2 Project Crypto2
An issue was discovered in the crypto2 crate through 2021-10-08 for Rust.
network
low complexity
crypto2-project CWE-327
7.5
2021-12-25 CVE-2021-45485 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
network
low complexity
linux netapp CWE-327
5.0
2021-12-25 CVE-2021-45486 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Linux Kernel
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
low complexity
linux CWE-327
2.7
2021-12-25 CVE-2021-45487 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netbsd
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
network
low complexity
netbsd CWE-327
5.0
2021-12-25 CVE-2021-45488 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netbsd
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
network
low complexity
netbsd CWE-327
5.0