690 matches found
CVE-2021-32593
CVE-2021-32593 affects Fortinet FortiWAN before 4.5.9, where a broken or risky cryptographic algorithm (CWE-327) in the Dynamic Tunnel Protocol may allow an unauthenticated remote attacker to decrypt and forge protocol messages. The issue is confirmed across multiple trusted sources (Fortinet PSI...
CVE-2021-32593
A use of a broken or risky cryptographic algorithm vulnerability CWE-327 in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages...
CVE-2021-33018
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information...
Design/Logic Flaw
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information...
CVE-2021-33018
Vulnerability CVE-2021-33018 affects Philips Vue PACS family (Vue PACS, Vue MyVue, Vue Speech, Vue Motion) up to version 12.2.x.x and earlier, due to use of a broken or risky cryptographic algorithm (CWE-327). The issue could permit exposure of sensitive information. Philips and CISA have issued ...
CVE-2021-33018 Philips Vue PACS Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information...
CVE-2021-33018 Philips Vue PACS Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information...
Use of a Broken or Risky Cryptographic Algorithm
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey...
Use of a Broken or Risky Cryptographic Algorithm
golang.org/x/crypto/ssh before 0.0.0-20220314234659-1baeb1ce4c0b in Go through 1.16.15 and 1.17.x through 1.17.8 allows an attacker to crash a server in certain circumstances involving AddHostKey...
CVE-2022-27191
A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability...
CVE-2022-0022
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal non-FIPS-CC operationa...
Design/Logic Flaw
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal non-FIPS-CC operationa...
CVE-2022-0022
CVE-2022-0022 affects PAN-OS: the password hashes for administrator and local user accounts are generated with a weak cryptographic algorithm in non-FIPS-CC mode, enabling hash cracking if hashes are obtained from PAN-OS configuration. Affected are PAN-OS 8.1 before 8.1.21; all 9.0; 9.1 before 9....
Palo Alto Networks PAN-OS 8.1.x < 8.1.21 / 9.0.x < 9.1.11 / 9.1.x < 9.1.11 / 10.0.x < 10.0.7 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.21 or 9.0.x prior to 9.1.11 or 9.1.x prior to 9.1.11 or 10.0.x prior to 10.0.7. It is, therefore, affected by a vulnerability. - Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software...
CVE-2022-21800 Airspan Networks Mimosa Use of a Broken or Risky Cryptographic Algorithm
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crack the hashed...
CVE-2022-21800 Airspan Networks Mimosa Use of a Broken or Risky Cryptographic Algorithm
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crack the hashed...
GO-2022-0646 CBC padding oracle issue in AWS S3 Crypto SDK for golang in github.com/aws/aws-sdk-go
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code MAC, which then allows an attacker who has write access to the target's S3 bucket and can observe...
ROS-20220125-15
A vulnerability in the Libgcrypt cryptographic library is related to the use of a weak cryptographic algorithm in the ElGamal implementation. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to sensitive information on the system. remotely, to...
CVE-2022-22559
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure...
Use of a Broken or Risky Cryptographic Algorithm in x360ce/x360ce
Description The password-generation algorithm used in the function NewPassword simply adds bias to the output password instead of making it easier to remember. Proof of Concept - Use the NewPassword function a large amount of times and store the output. - Look at the frequency of each character o...