Lucene search
+L

79 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:57 p.m.9 views

CVE-2020-4874

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 190837...

7.5CVSS6.3AI score0.0027EPSS
Exploits0
CNVD
CNVD
added 2025/05/14 12:0 a.m.3 views

IBM Concert Software Encryption Issues Vulnerabilities

IBM Concert Software is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert Software suffers from a cryptographic issue vulnerability that stems from the use of weak encryption algorithms, which could be...

5.9CVSS6.9AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2025/05/09 6:16 p.m.30 views

CVE-2025-1993

IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected...

5.5CVSS0.00111EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/27 7:41 p.m.24 views

CVE-2024-31896

IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS6.6AI score0.00187EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.23 views

The vulnerability of the software products of the LLC “NPO ‘MIR’, related to the use of cryptographic algorithms containing defects, allows attackers to execute an attack using brute-force methods.

The vulnerability of the software products developed by LLC “NPO ‘MIR’ lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability allows a remote attacker to execute an attack using brute-force methods...

8.6CVSS5.7AI score
Exploits0Affected Software3
NVD
NVD
added 2025/01/27 5:15 p.m.15 views

CVE-2024-27256

IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS0.00205EPSS
Exploits0References1
NVD
NVD
added 2025/01/27 4:15 p.m.16 views

CVE-2024-38320

IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS0.00219EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/27 3:43 p.m.16 views

CVE-2024-38320 IBM Storage Protect for Virtual Environments: Data Protection for VMware information disclosure

IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS0.00219EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.7 views

The vulnerability of the IBM DevOps Velocity lifecycle management platform (formerly known as IBM UrbanCode Velocity) relates to the use of cryptographic algorithms that contain defects, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the IBM DevOps Velocity formerly IBM UrbanCode Velocity lifecycle management platform is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to...

5.9CVSS5.5AI score0.00311EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2024/09/06 12:53 p.m.42 views

CVE-2024-45040 gnark's commitments to private witnesses in Groth16 as implemented break zero-knowledge property

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.11.0, commitments to private witnesses in Groth16 as implemented break the zero-knowledge property. The vulnerability affects only Groth16 proofs with commitments. Notably, PLONK proofs are not...

5.9CVSS0.00427EPSS
Exploits0References3
OSV
OSV
added 2024/09/03 9:11 p.m.3 views

GHSA-P2Q9-36VW-C468 olm-sys: wrapped library unmaintained, potentially vulnerable

After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind. Users of olm-sys and its higher-level abstraction, olm-rs,...

5.9AI score
Exploits0References4
RustSec
RustSec
added 2024/09/02 12:0 p.m.9 views

olm-sys: wrapped library unmaintained, potentially vulnerable

After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind. Users of olm-sys and its higher-level abstraction, olm-rs,...

5.3CVSS7.2AI score0.00536EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2024/07/15 12:0 a.m.13 views

The vulnerability of the SCADA system “ENTEK,” related to the use of cryptographic algorithms containing defects, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system “ENTEK” is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.5CVSS5.5AI score
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/03 6:31 p.m.37 views

Security Bulletin: IBM Aspera Orchestrator affected by cryptographic and cross-site scripting vulnerabilities (CVE-2023-27283, CVE-2023-27280, CVE-2023-27281)

Summary IBM Aspera Orchestrator has addressed multiple vulnerabilities related to cryptographic algoritms and cross-site scripting that could allow sensitive information disclosure. Vulnerability Details CVEID:CVE-2023-27283 DESCRIPTION: IBM Aspera Orchestrator is vulnerable to stored cross-site...

5.3CVSS5.7AI score0.00471EPSS
Exploits0Affected Software1
HPE Security Bulletins
HPE Security Bulletins
added 2023/02/15 12:0 a.m.3 views

HPESBNW04445 rev.7 - Aruba Products Using OpenSSL, Multiple Vulnerabilities

Potential Security Impact: Remote: Denial of Service DoS, Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba AirWave Management Platform - See vulnerability summary for affected versions Aruba EdgeConnect Enterprise Software - See vulnerability summary...

7.5CVSS6.7AI score0.59501EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/12/06 5:52 p.m.6 views

CVE-2022-34361 IBM Sterling Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522...

5.9CVSS7.2AI score0.00375EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/15 12:0 a.m.7 views

CVE-2022-25674

Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music...

6.5CVSS7.4AI score0.00286EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/28 12:0 a.m.7 views

The vulnerability of Emerson DeltaV industrial control stations, related to the use of cryptographic algorithms containing vulnerabilities, allows an intruder to gain access to the system’s control interface.

The vulnerability of Emerson DeltaV industrial control stations lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow an attacker operating remotely to gain access to the system’s control interface...

9CVSS5.5AI score0.00171EPSS
Exploits0References2
ICS
ICS
added 2022/06/09 12:0 a.m.129 views

Mitsubishi Electric Air Conditioning Systems

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Air Conditioning Systems Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Exposure of Sensitive Information to an Unauthorized Actor, Channel Accessible by Non-Endpoint 2...

9.8CVSS8.1AI score0.95707EPSS
Exploits22References5
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.259 views

EulerOS 2.0 SP8 : nss-softokn (EulerOS-SA-2021-1155)

According to the versions of the nss-softokn packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Network Security Services NSS before 3.46, several cryptographic primitives had missing length checks. In cases where the application...

10CVSS7.7AI score0.03596EPSS
Exploits1References4
Rows per page
Query Builder