701 matches found
CVE-2021-36647
The issue (CVE-2021-36647) is in the mbed TLS library, specifically the function mbedtls_mpi_exp_mod() in lignum.c. All affected releases prior to 3.0.0, 2.27.0, or 2.16.11 are vulnerable. The underlying problem is the use of a broken or risky cryptographic algorithm that, when an attacker has pr...
CVE-2021-36647
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...
CVE-2021-36647
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...
CVE-2021-36647
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...
Use of a Broken or Risky Cryptographic Algorithm
IO FinNet tss-lib before 2.0.0 allows a collision of hash values...
CVE-2022-4610
A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this...
Design/Logic Flaw
A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this...
CVE-2022-4610
Technical details for CVE-2022-4610 are not publicly available in the provided documents. Monitor for updates.
CVE-2022-4610 Click Studios Passwordstate risky encryption
A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this...
CVE-2022-46834
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
CVE-2022-46833
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
Design/Logic Flaw
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
Design/Logic Flaw
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmwa...
Design/Logic Flaw
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
CVE-2022-46833
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
CVE-2022-27581
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
CVE-2022-46832
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmwa...
CVE-2022-46834
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...
CVE-2022-46833
The CVE-2022-46833 entry describes a vulnerability in SICK RFU63x firmware prior to version 2.21 where requesting weak cipher suites via SSH enables a low-privileged remote attacker to decrypt data due to use of a broken/risky cryptographic algorithm. Impact is confidentiality loss (C:H) with net...
CVE-2022-27581
SICK RFU61x firmware prior to v2.25 is affected by a vulnerability where a broken or risky cryptographic algorithm enables a low-privileged remote attacker to decrypt data if weak cipher suites are used for SSH encryption. Impact is confidentiality-only (C:H, I/N/A). Exploitation is via SSH over ...