CVE-2025-46371

Dell PowerFlex Manager, versions =4.6.2, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the ssh. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass...

CVE-2025-46371

Dell PowerFlex Manager, versions =4.6.2, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the ssh. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass...

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the cryptographic algorithm implementation. An attacker can compromise the confidentiality of sensitive information by exploiting weak or insufficient cryptographic algorithms...

Use of a Broken or Risky Cryptographic Algorithm

Overview org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages. Affected versions of this package are...

PT-2026-33697

SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle attack...

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the generateCTR process in G3413CTRBlockCipher. An attacker can recover relationships between encrypted plaintext blocks by driving the cipher past its counter range and causing th...

Use of a Broken or Risky Cryptographic Algorithm

Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm which may arise due to improper preservation of the configured cipher preference order. An attacker who can...

CVE-2026-20996

Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication...

CVE-2026-28252

A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device...

Use of a Broken or Risky Cryptographic Algorithm

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the decryptString function. An attacker can access confidential information by submitting arbitrary ciphertext...

CVE-2026-20996

Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication...

CVE-2026-28252 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge

A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device...

CVE-2026-28252

The CVE-2026-28252 vulnerability affects Trane Tracer SC, Tracer SC+, and Tracer Concierge. It is described as a Use of a Broken or Risky Cryptographic Algorithm that could allow an attacker to bypass authentication and gain root-level access to the device. The base metrics indicate a network-bas...

PT-2026-23451

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

Use of a Broken or Risky Cryptographic Algorithm

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the Google authentication. An attacker can gain unauthorized access to...

CVE-2026-22585

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud...

CVE-2026-22585

CVE-2026-22585 corresponds to a vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage) where a broken or risky cryptographic algorithm enables Web Services Protocol Manipulation. The Red Hat, CIR...

CVE-2025-58743

Use of a Broken or Risky Cryptographic Algorithm DES vulnerability in the Password class in C2SConnections.dll in Milner ImageDirector Capture on Windows allows Encryption Brute Forcing to obtain database credentials.This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808...

Use of a Broken or Risky Cryptographic Algorithm

Overview beatt83/jose-swift is a comprehensive support for the Jose suite of standards, including JWA JSON Web Algorithms, JWK JSON Web Key, JWE JSON Web Encryption, JWS JSON Web Signature, and JWT JSON Web Token. Affected versions of this package are vulnerable to Use of a Broken or Risky...

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to missing cryptographic key commitment when storing encrypted data keys in an instruction file. An attacker with write access to the S3 bucket can manipulate encrypted data keys to...