Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-13 | CVE-2018-10084 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an SHA-1 cryptographic protection mechanism can be bypassed. | 8.8 |
| 2018-03-26 | CVE-2018-5458 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker to gain unauthorized access to resources and information. | 7.5 |
| 2018-03-23 | CVE-2017-15326 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei Dbs3900 TDD LTE Firmware V100R003C00/V100R004C10 DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. | 4.3 |
| 2018-03-22 | CVE-2018-1428 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM DB2 IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.5 |
| 2018-03-22 | CVE-2017-1571 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.5 |
| 2018-03-09 | CVE-2017-17167 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei products Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. | 5.9 |
| 2018-03-05 | CVE-2017-17428 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. | 5.9 |
| 2018-02-18 | CVE-2018-7211 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Idashboards An issue was discovered in iDashboards 9.6b. | 8.1 |
| 2018-02-07 | CVE-2018-6829 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gnupg Libgcrypt cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). | 7.5 |
| 2017-12-27 | CVE-2017-17878 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Valvesoftware Steam Link Firmware An issue was discovered in Valve Steam Link build 643. | 9.8 |