CVE-2021-42583

Max Mazurov Maddy (github.com/foxcpp/maddy) is affected by a broken or risky cryptographic algorithm prior to version 0.5.2. The issue stems from the verify.go code-path in auth.shadow, where MD5-based hashing can lead to information disclosure. Multiple sources (CVE-2021-42583, GHSA-5R5W-H76P-M7...

CVE-2021-42583

A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information...

CVE-2021-43550

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX PIC iX Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0...

CVE-2021-43550

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX PIC iX Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0...

Design/Logic Flaw

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX PIC iX Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0...

CVE-2021-43550 Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX PIC iX Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0...

CVE-2021-43550

The CVE-2021-43550 entry concerns the use of a broken or risky cryptographic algorithm in Philips PIC iX and Efficia CM Series. Connected sources (ICSMA-21-322-02) specify affected products: PIC iX versions C.02 and C.03 and Efficia CM Series revisions A.01 to C.0x and 4.0. The vulnerability enab...

Fresenius Kabi Agilia Connect Infusion System (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fresenius Kabi Equipment: Agilia Connect Infusion System Vulnerabilities: Uncontrolled Resource Consumption, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently Protected Credentials,...

CVE-2021-42216

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php...

CVE-2021-42216

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php...

Design/Logic Flaw

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php...

CVE-2021-42216

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php...

CVE-2021-42216

The CVE-2021-42216 entry concerns AnonAddy 0.8.5 with a broken or risky cryptographic algorithm in VerificationController.php. Affected software: AnonAddy (version 0.8.5). Vulnerable component: VerificationController.php; root cause: use of a broken or risky cryptographic algorithm. Impact (per C...

PT-2021-23559 · Anonaddy · Anonaddy

Name of the Vulnerable Software and Affected Versions: AnonAddy version 0.8.5 Description: A Broken or Risky Cryptographic Algorithm exists in the software via VerificationController.php. Recommendations: For AnonAddy version 0.8.5, consider updating to a newer version that addresses the issue wi...

CVE-2021-39182 Use of Password Hash With Insufficient Computational Effort and Use of a Broken or Risky Cryptographic Algorithm and Reversible One-Way Hash in hashing.py

EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hashing algorithm. The vulnerability is patched in v1.1.4 of t...

Use of a Broken or Risky Cryptographic Algorithm in anonaddy/anonaddy

Description MD5 and SHA-1 are popular cryptographic hash algorithms often used to verify the integrity of messages and other data. Recent advances in cryptanalysis have discovered weaknesses in both algorithms. Consequently, MD5 and SHA-1 should no longer be relied upon to verify the authenticity...

Use of a Broken or Risky Cryptographic Algorithm in froxlor/froxlor

Description Froxlor uses microtime to seed uniqid which is then hashed to produce a session token, microtime can be reasonably brute-forced/predicted, thus allowing for a relatively large-scale account-takeover attack or accurate targeted ones. Both microtime and uniqid are cryptographically...

CVE-2021-41096

Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm RSA/ECB/PKCS1Padding. The issue will be patched in v2.3 for release builds and 426 onwards for...

Security feature bypass

Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm RSA/ECB/PKCS1Padding. The issue will be patched in v2.3 for release builds and 426 onwards for...

CVE-2021-41096 Use of a Broken or Risky Cryptographic Algorithm in com.mayank.rucky

Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm RSA/ECB/PKCS1Padding. The issue will be patched in v2.3 for release builds and 426 onwards for...