Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-01 | CVE-2017-11133 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 7.5 |
| 2017-06-30 | CVE-2017-10668 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Xoev Osci Transport Library 1.6/1.6.1 A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). | 5.9 |
| 2017-06-26 | CVE-2017-9466 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Tp-Link Wr841N V8 Firmware Tlwr841Nv8140724 The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. | 9.8 |
| 2017-06-08 | CVE-2016-3099 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat products mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled. | 7.5 |
| 2017-06-08 | CVE-2014-8687 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Seagate Business NAS Firmware 2014.00319 Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens. | 9.8 |
| 2017-06-07 | CVE-2017-4917 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in VMWare Vsphere Data Protection VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. | 9.8 |
| 2017-06-06 | CVE-2017-5243 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Rapid7 Nexpose The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. | 8.5 |
| 2017-04-27 | CVE-2017-5186 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate. | 7.5 |
| 2017-03-01 | CVE-2016-6485 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Magento Magento2 The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value. | 7.5 |
| 2017-02-13 | CVE-2016-8370 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mitsubishielectric products An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. | 7.5 |