Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-11 | CVE-2022-34444 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. | 7.5 |
| 2023-02-08 | CVE-2022-35720 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. | 5.5 |
| 2023-01-26 | CVE-2022-43917 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server 8.5/9.0 IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. | 7.5 |
| 2023-01-26 | CVE-2022-22462 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Governance 10.0.1 IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-01-17 | CVE-2021-36647 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ARM Mbed TLS Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA. | 4.7 |
| 2023-01-17 | CVE-2023-0296 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat Openshift 4.11 The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. | 5.3 |
| 2022-12-23 | CVE-2022-23539 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Auth0 Jsonwebtoken Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. | 8.1 |
| 2022-12-22 | CVE-2022-22461 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Governance 10.0.1 IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2022-12-20 | CVE-2022-38391 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Control 5.4.0.0 IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2022-12-19 | CVE-2022-4610 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Clickstudios Passwordstate A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. | 5.5 |