PT-2025-28630

Name of the Vulnerable Software and Affected Versions: Office Developer Platform affected versions not specified Description: The issue concerns the use of a broken or risky cryptographic algorithm in the Office Developer Platform, which allows an authorized attacker to bypass a local security...

Security Bulletin: IBM Storage Ceph is vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the RHEL UBI (CVE-2024-28834)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2024-28834 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2024-28834 DESCRIPTION: GnuTLS could allow a remote authenticated attacker to obtain...

B&R Automation Runtime Use of a Broken or Risky Cryptographic Algorithm (CVE-2024-8603)

B&R Automation Runtime and B&R mapp View generates self-signed certificates during the boot-up process if no certificates have been configured in the B&R Automation Studio project. These certificates are signed using an algorithm, which is no longer considered to be secure. This plugin only works...

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to CVE-2024-38341.

Summary IBM Sterling Secure Proxy is vulnerable due to the use of a weak crypographic algorithm during hashing. Vulnerability Details CVEID:CVE-2024-38341 DESCRIPTION: IBM Sterling Secure Proxy uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly...

CVE-2024-10128

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads to risky cryptographic algorithm. The attack may be launched remotely. The exploit has been...

CVE-2024-25963

Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure...

CVE-2024-5559

CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device...

CVE-2023-50937

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117...

CVE-2023-51839

DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...

CVE-2023-51838

Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm...

CVE-2022-43949

A use of a broken or risky cryptographic algorithm CWE-327 in Fortinet FortiSIEM before 6.7.1 allows a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods...

CVE-2022-4610

A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this...

CVE-2022-46832

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmwa...

CVE-2022-45858

A use of a weak cryptographic algorithm vulnerability CWE-327 in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks...

CVE-2022-24296

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Conditioning System GB-50AD Ver. 3.21 and prior, Air Conditionin...

CVE-2021-36647

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...

CVE-2021-32593

A use of a broken or risky cryptographic algorithm vulnerability CWE-327 in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages...

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...

CVE-2025-2545 Deprecated 3DES cryptographic algorithm used by Request Tracker in emails encrypted with S/MIME

Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...

CVE-2025-2545 Deprecated 3DES cryptographic algorithm used by Request Tracker in emails encrypted with S/MIME

Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...