CVE-2024-5559

CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device...

CVE-2022-46832

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmwa...

CVE-2021-36647

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...

Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2025-055)

The version of runc installed on the remote host is prior to 1.1.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-055 advisory. Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go...

CVE-2025-26486

Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...

CVE-2025-26486

Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...

Siemens SIMATIC Devices Linux Kernel Use of a Broken or Risky Cryptographic Algorithm (CVE-2022-1434)

When using the RC4-MD5 ciphersuite, which is disabled by default, an attacker is able to modify data in transit due to an incorrect use of the AAD data as the MAC key in OpenSSL 3.0. An attacker is not able to decrypt any communication. This plugin only works with Tenable.ot. Please visit...

CVE-2024-8603

CVE-2024-8603 affects B&R Automation Runtime and B&R mapp View versions prior to 6.1, where the SSL/TLS component uses a broken or risky cryptographic algorithm. Unauthenticated network-based attackers may masquerade as services on impacted devices. Multiple sources (NVD/NCSA advisory references ...

CVE-2024-47921

CVE-2024-47921 concerns Smadar SPS with CWE-327: Use of a Broken or Risky Cryptographic Algorithm. Affected product: Smadar SPS; reports reference cryptographic weaknesses in the software (CNNVD 202412-3229) and details vary by source (e.g., version 4.0.44.0.64 cited by CNNVD). CVSS 3.1 metrics i...

CVE-2024-28980

Dell RecoverPoint for VMs, versions 6.0.x contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

GO-2022-0839 Use of a Broken or Risky Cryptographic Algorithm in Terraform in github.com/hashicorp/terraform

Use of a Broken or Risky Cryptographic Algorithm in Terraform in github.com/hashicorp/terraform...

Use Of A Broken Or Risky Cryptographic Algorithm

asymmetricrypt/asymmetricrypt is vulnerable to Use Of A Broken Or Risky Cryptographic Algorithm. The vulnerability is due to insecure padding within PKCS v1.5, which allows an attacker to brute force the encrypted content...

CVE-2024-25963

Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure...

CVE-2024-25963

Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure...

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26146)

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26139)

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26140)

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

CVE-2024-22463

Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information...

Design/Logic Flaw

DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...

CVE-2023-50350

HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information...