701 matches found
CVE-2022-24296
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Conditioning System GB-50AD Ver. 3.21 and prior, Air Conditionin...
CVE-2021-36647
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...
CVE-2021-32593
A use of a broken or risky cryptographic algorithm vulnerability CWE-327 in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages...
CVE-2019-4325
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...
CVE-2025-2545 Deprecated 3DES cryptographic algorithm used by Request Tracker in emails encrypted with S/MIME
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...
CVE-2025-2545 Deprecated 3DES cryptographic algorithm used by Request Tracker in emails encrypted with S/MIME
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...
curl: Use of a Broken or Risky Cryptographic Algorithm (CWE-327) in libcurl
Summary: The DES cipher Data Encryption Standard is used in the curlntlmcore.c file of libcurl. DES is considered insecure due to its short key length 56 bits and its susceptibility to brute-force attacks. Modern cryptographic standards recommend replacing DES with AES Advanced Encryption Standar...
Security Bulletin: IBM Security Verify Information Queue uses a relatively weak cryptographic algorithm to protect application data (CVE-2021-20406)
Summary The cryptographic algorithm that IBM Security Verify Information Queue ISIQ uses to encrypt and decrypt application data has a JSON web token JWT signing key that is shorter than the recommended length. As of v10.0.0, ISIQ has doubled the length of its JWT signing key to be in compliance...
Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2025-055)
The version of runc installed on the remote host is prior to 1.1.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-055 advisory. Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go...
CVE-2024-30152
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts...
CVE-2024-30152
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts...
CVE-2024-30152
CVE-2024-30152 concerns HCL SX v21, where the vulnerability arises from the use of a weak cryptographic algorithm. The exposed component is the HCL SX v21 cryptographic handling, leading to potential disclosure of sensitive information and data integrity/availability impacts. Public references in...
CVE-2024-30152 HCL SX is affected by usage of a weak cryptographic algorithm
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts...
CVE-2024-30152 HCL SX is affected by usage of a weak cryptographic algorithm
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts...
PT-2025-17933 · Hcl · Hcl Sx
Name of the Vulnerable Software and Affected Versions: HCL SX version 21 Description: The issue is related to the usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or cause other impacts. Recommendations: For HCL...
CVE-2025-26486
CVE-2025-26486 affects Beta80 Life 1st Identity Manager (Life 1st) up to version 1.5.2.14234. The issue arises from broken or risky cryptographic algorithms, passwords hashed with insufficient computational effort, weak hashes, and use of a one‑way hash with a predictable salt. An attacker with a...
CVE-2025-26486
Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...
CVE-2025-26486
Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to bruteforce user password...
CVE-2025-27508 Emissary Use of a Broken or Risky Cryptographic Algorithm
Emissary is a P2P based data-driven workflow engine. The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases e.g., SHA-1, CRC32, and SSDEEP. These algorithms, while...
Linux Distros Unpatched Vulnerability : CVE-2021-36647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11...