39 matches found
EUVD-2025-208314
Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention...
EUVD-2020-28636
Malware in sbrugna...
EUVD-2020-28639
Malware in sbrugna...
EUVD-2024-42542
Malicious code in bioql PyPI...
EUVD-2022-37705
Malicious code in bioql PyPI...
CVE-2025-56608
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest authentication in OkHttpClientWrapper.java. The handleDigest function employs MessageDigest.getInstance("MD5") to hash credentials. MD5 is a broken cryptographic algorithm known to allow hash collisions...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to python_jose-3.3.0-py2.py3-none-any.whl CVE-2024-33663
Summary: IBM Maximo Application Suite - Monitor Component is vulnerable to python_jose-3.3.0-py2.py3-none-any.whl CVE-2024-33663. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2024-33663 DESCRIPTION: python-jose could allow a remote...
Security Bulletin: IBM Sterling B2B Integrator is affected by IBM WebSphere Application Server risky configuration cryptography
Summary: IBM Sterling B2B Integrator is affected by IBM WebSphere Application Server risky configuration cryptography. Vulnerability Details: CVEID: CVE-2023-50312 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound...
CVE-2024-5559
CVE-2024-5559 is a CWE-327 vulnerability described in multiple sources as a cryptographic algorithm weakness that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the Schneider El...
CVE-2024-5559
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause denial of service, device reboot, or an attacker gaining full control of the relay when a specially crafted reset token is entered into the front panel of the device...
CVE-2022-43949
CVE-2022-43949 affects Fortinet FortiSIEM prior to 6.7.1, where the use of a broken or risky cryptographic algorithm (CWE-327) enables a remote unauthenticated attacker to perform brute force attacks on GUI endpoints by exploiting outdated hashing methods. The issue is documented across multiple ...
FortiSIEM - Use of a Broken or Risky Cryptographic Algorithm
A use of a broken or risky cryptographic algorithm (CWE-327) in FortiSIEM may allow a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods...
CVE-2022-45858
A use of a weak cryptographic algorithm vulnerability (CWE-327) in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks...
CVE-2022-45858
FortiNAC is affected by CWE-327 due to use of a weak cryptographic algorithm/SSH key exchange. Affected FortiNAC versions are 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, and 8.7.0 all versions. The issue can enable attackers to access sensitive data or perform man-in...
FortiNAC - SSH Weak Key Exchange Algorithm
A use of a weak cryptographic algorithm vulnerability (CWE-327) in FortiNAC may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks...
Siemens Brownfield Connectivity Client
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
IBM Java 8.0 < 8.0.7.20 Multiple Vulnerabilities
The version of IBM Java installed on the remote host is prior to 8.0 < 8.0.7.20. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle October 18 2022 CPU advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...
Emerson OpenBSI
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: OpenBSI Vulnerabilities: Use of Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key CISA is aware of a public report, “OT:ICEFALL,” that details...