Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-12 | CVE-2019-5919 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Nablarch Project Nablarch 5/5U1/5U13 An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors. | 9.1 |
| 2019-03-01 | CVE-2019-9483 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon Ring Video Doorbell Firmware Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door. | 9.1 |
| 2019-02-27 | CVE-2019-7006 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Avaya One-X Communicator 6.2 Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. | 5.5 |
| 2019-02-26 | CVE-2019-6593 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in F5 products On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. | 5.9 |
| 2019-02-22 | CVE-2019-6485 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Citrix products Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled. | 5.9 |
| 2019-02-19 | CVE-2019-5754 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. | 6.5 |
| 2019-02-19 | CVE-2018-1996 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. | 5.3 |
| 2019-02-09 | CVE-2019-7673 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mobotix S14 Firmware Mxv4.2.1.61 An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. | 7.5 |
| 2019-02-05 | CVE-2019-3818 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. | 7.5 |
| 2019-01-08 | CVE-2019-5719 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. | 5.5 |