690 matches found
Use of a Broken or Risky Cryptographic Algorithm
Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the generateCTR process in G3413CTRBlockCipher. An attacker can recover relationships between encrypted plaintext blocks by driving the cipher past its counter range and causing th...
UBUNTU-CVE-2025-14813
: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files G3413CTRBlockCipher. This issue affects BC-JAVA: from 1.59 before 1.80.2, from 1.81 before 1.81.1, from 1.82...
UBUNTU-CVE-2026-5588
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...
CVE-2026-5588
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...
CVE-2026-5588
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...
Use of a Broken or Risky Cryptographic Algorithm
Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm which may arise due to improper preservation of the configured cipher preference order. An attacker who can...
Use of a Broken or Risky Cryptographic Algorithm
Overview org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm which may arise due to improper preservation of the configured cipher preference order. An attacker who can control...
Use of a Broken or Risky Cryptographic Algorithm
Overview fast-jwt is a Fast JSON Web Token implementation Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the performDetectPublicKeyAlgorithms function due to improper handling of leading whitespace in PEM key strings. An attacker can gain...
CVE-2026-20996
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication...
CVE-2026-28252
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device...
Use of a Broken or Risky Cryptographic Algorithm
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the decryptString function. An attacker can access confidential information by submitting arbitrary ciphertext...
CVE-2026-20996
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication...
CVE-2026-28252 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device...
CVE-2026-28252
The CVE-2026-28252 vulnerability affects Trane Tracer SC, Tracer SC+, and Tracer Concierge. It is described as a Use of a Broken or Risky Cryptographic Algorithm that could allow an attacker to bypass authentication and gain root-level access to the device. The base metrics indicate a network-bas...
CVE-2026-3598
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...
PT-2026-23449
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...
PT-2026-23451
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...
Use of a Broken or Risky Cryptographic Algorithm
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the Google authentication. An attacker can gain unauthorized access to...
CVE-2026-2618 Beetel 777VR1 SSH Service risky encryption
A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is possible to be carried out remotely. The attack is considered to have high complexity. The...
CVE-2026-22585
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud...