Lucene search
K

117 matches found

Vulnrichment
Vulnrichment
added 2022/01/21 6:17 p.m.5 views

CVE-2021-33846 Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

Fresenius Kabi Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users...

5.9CVSS7.1AI score0.00313EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/01/06 10:20 p.m.39 views

Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy

A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...

7.5CVSS2.1AI score0.00723EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/06 10:4 p.m.27 views

Use of a Broken or Risky Cryptographic Algorithm in crypto2

The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::fromrawpartsmut, which breaks the contract and introduces undefined behavior. This affects Chacha20 encryption and decryption in crypto2...

9.8CVSS8.9AI score0.00753EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/12/27 7:15 p.m.4 views

CVE-2021-43550

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX PIC iX Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References1
OSV
OSV
added 2021/12/15 6:15 p.m.13 views

CVE-2021-42216

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php...

9.8CVSS6.9AI score
Exploits0References3
CVE
CVE
added 2021/12/15 5:53 p.m.42 views

CVE-2021-42216

The CVE-2021-42216 entry concerns AnonAddy 0.8.5 with a broken or risky cryptographic algorithm in VerificationController.php. Affected software: AnonAddy (version 0.8.5). Vulnerable component: VerificationController.php; root cause: use of a broken or risky cryptographic algorithm. Impact (per C...

9.8CVSS9.4AI score0.01403EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/11/08 2:15 p.m.44 views

CVE-2021-39182 Use of Password Hash With Insufficient Computational Effort and Use of a Broken or Risky Cryptographic Algorithm and Reversible One-Way Hash in hashing.py

EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of t...

7.5CVSS7.7AI score0.00544EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2021/09/01 6:41 p.m.43 views

Use of a Broken or Risky Cryptographic Algorithm

✍️ Description The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are...

3.5CVSS3.9AI score0.00458EPSS
Exploits1References5Affected Software1
ICS
ICS
added 2021/04/13 12:0 a.m.39 views

Siemens and PKE Control Center Server

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens/PKE Equipment: Control Center Server CCS Vulnerabilities: Cleartext Storage of Sensitive Information in GUI, Improper Authentication, Relative Path Traversal, Use of a Broken or Risky...

9.9CVSS9.8AI score0.02647EPSS
Exploits0References8
Prion
Prion
added 2020/10/06 6:15 p.m.21 views

Design/Logic Flaw

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

5CVSS5.3AI score0.00542EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/06 5:18 p.m.56 views

CVE-2019-4325

CVE-2019-4325 affects HCL AppScan Enterprise; root cause is the use of broken or risky cryptographic algorithms to store REST API user details. Impact and remediation details are not explicitly provided in the connected documents; refer to the CVE entry for basic score context (MEDIUM) and the ve...

5.3CVSS5.3AI score0.00542EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/06/16 8:15 p.m.20 views

Design/Logic Flaw

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to acquire a password by brute force...

5CVSS7.6AI score0.00858EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/05/27 12:0 a.m.25 views

Beckhoff Twincat Use of a Broken or Risky Cryptographic Algorithm

Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol uses user configured routes, that can be edited remotely via ADS. This special command supports encrypted authentication with username/password. The encryption...

4.3CVSS2.8AI score0.00423EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/05/27 12:0 a.m.26 views

Rockwellautomation Micrologix Use of a Broken or Risky Cryptographic Algorithm

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable. File data ot500367.nasl...

5CVSS3AI score0.02754EPSS
Exploits0References2
ICS
ICS
added 2019/12/10 12:0 a.m.88 views

Siemens SIMATIC S7-1200 and S7-1500 CPU Families (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7-1200 and S7-1500 CPU families Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Missing Support for Integrity Check 2. UPDATE INFORMATION This updated...

7.5CVSS6.7AI score0.00978EPSS
Exploits0References5
OSV
OSV
added 2018/03/09 5:29 p.m.4 views

CVE-2017-17167

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known...

5.9CVSS5.8AI score0.00652EPSS
Exploits0References2
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.27 views

Use of a Broken or Risky Cryptographic Algorithm

✍️ Description The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are...

3.5CVSS3.9AI score0.00458EPSS
Exploits1Affected Software1
Rows per page
Query Builder