139 matches found
Inadequate Encryption Strength
github.com/enchant97/note-mark/backend is vulnerable to Inadequate Encryption Strength. The vulnerability is due to missing enforcement of minimum length and entropy requirements for the JWTSECRET value, which allows an attacker to brute-force weak secrets and forge valid JWT tokens...
Inadequate Encryption Strength
Overview github.com/pion/dtls is a DTLS 1.2 Server/Client implementation for Go. Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by...
Inadequate Encryption Strength
Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by exploiting nonce reuse within a session. Remediation Upgrade...
EUVD-2020-29609
Malware in sbrugna...
EUVD-2024-19401
Malicious code in bioql PyPI...
EUVD-2022-29028
Malicious code in bioql PyPI...
EUVD-2024-19492
Malicious code in bioql PyPI...
EUVD-2025-14544
Malicious code in bioql PyPI...
CVE-2025-46409
Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, a function that requires authentication may be accessed by a remote unauthenticated attacker...
xxl-job has Inadequate Encryption Strength
A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with...
Brocade ASCG 安全漏洞
Brocade ASCG is a networking feature from Brocade USA that is primarily used to simplify SAN architecture and optimize resource utilization. A security vulnerability exists in Brocade ASCG versions prior to 3.3.0 that stems from the use of medium-strength encryption algorithms on internal ports...
Security Bulletin: IBM Guardium Data Protection is affected by a snowflake-jdbc-3.14.0.jar vulnerability (CVE-2024-43382)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2024-43382 DESCRIPTION: Snowflake JDBC driver could provide weaker than expected security, caused by an incorrect security setting. A remote authenticated attacker could exploit thi...
CVE-2022-24318
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted communication with the server when outdated versions of the ViewX client are used. Affected Product: ClearSCADA All Versions, EcoStruxure Geo SCADA Expert 2019 All Versions, EcoStruxure Geo SCADA Expert...
CVE-2025-4894
CVE-2025-4894 affects calmkart Django-sso-server. The vulnerability is in common/crypto.py, function gen_rsa_keys, leading to inadequate encryption strength. Attacker could potentially exploit remotely; the CVE notes the attack complexity as high and exploitation as difficult, with no version det...
CVE-2025-22446
Inadequate encryption strength for some Edge Orchestrator software for IntelR Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access...
CVE-2025-22446
Inadequate encryption strength for some Edge Orchestrator software for IntelR Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access...
Security Bulletin: IBM Integration Bus for z/OS is vulnerable to a remote attack due to Apache Tomcat (CVE-2024-52317)
Summary IBM Integration Bus for z/OS is vulnerable to a remote attack due to Apache Tomcat Vulnerability Details CVEID:CVE-2024-52317 DESCRIPTION: Apache Tomcat could provide weaker than expected security, caused by an incorrect recycling of the request and response used by HTTP/2 requests. A...
CVE-2024-13026 Inadequate Encryption Strength Vulnerability in Roche Algo Edge
A vulnerability exists in Algo Edge up to 2.1.1 - a previously used legacy component of navify® Algorithm Suite. The vulnerability impacts the authentication mechanism of this component and could allow an attacker with adjacent access to the laboratory network and the Algo Edge system to craft...
Inadequate Encryption Strength
github.com/apache/incubator-answer is vulnerable to Inadequate Encryption Strength. The vulnerability is due to the use of UUID v1 for token generation, which incorporates predictable elements like timestamps and node identifiers, allowing an attacker to predict or forge UUID tokens, potentially...
Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...