EUVD-2026-37021

Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to insecure default SSH server configuration, which advertises weak or deprecated key exchange, MAC, and host key algorithms. An attacker can compromise the confidentiality and integrity o...

Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to insecure default SSH server configuration, which advertises weak or deprecated key exchange, MAC, and host key algorithms. An attacker can compromise the confidentiality and integrity o...

Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to insecure default SSH server configuration, which advertises weak or deprecated key exchange, MAC, and host key algorithms. An attacker can compromise the confidentiality and integrity o...

GHSA-3M6Q-H5GJ-7MRW Gitea has insecure default SSH settings

Summary The built-in SSH server currently advertises a number of key exchange, MAC, and host key algorithms that are considered weak or broken. The defaults should be tightened so a fresh installation passes a baseline SSH security audit out of the box. Details Running ssh-audit against a default...

CVE-2026-1627

An attacker may exploit the use of outdated and weak MAC algorithms in the device’s SSH service to potentially compromise the integrity of the SSH session, allowing manipulation of transmitted data if the attacker can interact with the network traffic...

CVE-2025-14175

The CVE-2025-14175 entry concerns the SSH server on TP-Link TL-WR820N v2.80, where weak cryptographic algorithm support is reported. The vulnerability enables an adjacent attacker to intercept and decrypt SSH traffic, impacting confidentiality. The CVSS v4.0 vector indicates an adjacent network a...

EUVD-2020-25596

Malware in sbrugna...

EUVD-2023-30099

Malicious code in bioql PyPI...

GE Multilin UR Family Inadequate Encryption Strength (CVE-2013-2566)

Prior to UR firmware Version 8.1x, UR supported various encryption and MAC algorithms for SSH communication, some of which are weak. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Do Not Configure the Encryption Algorithm Overwriting Policy for the SSH Service

The configuration files of the SSH encryption algorithms are /etc/ssh/sshdconfig and /etc/sysconfig/sshd. When the SSH service is running, you can edit the /etc/sysconfig/sshd file to overwrite the encryption algorithm policy. If the encryption algorithm overwriting policy is configured, users ar...

CVE-2025-27508

Emissary is a P2P based data-driven workflow engine. The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases e.g., SHA-1, CRC32, and SSDEEP. These algorithms, while...

The vulnerability of the software implementation of the TLS protocol for managing the SAN network by Brocade SANnav allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the software implementation of the TLS protocol for managing SAN networks in Brocade SANnav systems is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

Horizon Business Services Caterease 安全漏洞

Horizon Business Services Caterease is an event planning and catering software from Horizon Business Services, USA. A security vulnerability exists in Horizon Business Services Caterease versions 16.0.1.1663 through 24.0.1.2405 and later versions, which stems from the selection of less secure...

The vulnerability of Cryptographic Service Provider (CSP) and Key Storage Provider (KSP) services in Windows operating systems allows attackers to circumvent security restrictions.

The vulnerability of Cryptographic Service Provider CSP and Key Storage Provider KSP services in Windows operating systems is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions...

Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com

Security researchers discovered a vulnerability in the Secure Shell SSH cryptographic network protocol, known as Terrapin CVE-2023-48795. This vulnerability could have allowed an attacker to downgrade the security of the secure channel. Weak SSH algorithms were also identified on various subdomai...

CVE-2024-27255

CVE-2024-27255 affects IBM MQ Operator and related container images, where a cryptographic weakness in the operator’s crypto algorithms could allow decryption of highly sensitive information. Affected versions include IBM MQ Operator v2.0.0–2.0.18, v2.2.0–2.2.2, v2.3.0–2.3.3, v2.4.0–2.4.7, and v3...

IBM Security Verify Governance 加密问题漏洞

IBM Security Verify Governance, an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risks. IBM Security Verify Governanc has an encryption issue vulnerability that stems...

Emerson OpenBSI 加密问题漏洞

Emerson OpenBSI is a set of network communication services designed for technicians, engineers, and operators from Emerson Electric USA that provide access to ControlWave RTUs. A cryptographic issue vulnerability exists in Emerson OpenBSI version 5.9 SP3 and prior versions, which arises from the...

GHSA-7V5V-9V8R-W864 Inadequate Encryption Strength in Apache CXF

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...