Total
370 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-0448 | 1 Cisco | 1 Digital Network Architecture Center | 2024-09-16 | 9.8 Critical |
| A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. The vulnerability is due to insufficient security restrictions for critical management functions. An attacker could exploit this vulnerability by sending a valid identity management request to the affected system. An exploit could allow the attacker to view and make unauthorized modifications to existing system users as well as create new users. | ||||
| CVE-2021-21507 | 1 Dell | 22 R1-2210, R1-2210 Firmware, R1-2401 and 19 more | 2024-09-16 | 8.8 High |
| Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable system with privileges of the compromised account. | ||||
| CVE-2022-22368 | 3 Ibm, Linux, Microsoft | 4 Aix, Spectrum Scale, Linux Kernel and 1 more | 2024-09-16 | 7.5 High |
| IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 221012. | ||||
| CVE-2019-4291 | 1 Ibm | 1 Maximo Anywhere | 2024-09-16 | 6.5 Medium |
| IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to the lack of binary protection precautions. IBM X-Force ID: 160697. | ||||
| CVE-2017-6284 | 2 Google, Nvidia | 3 Android, Shield Tv, Shield Tv Firmware | 2024-09-16 | N/A |
| NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate. | ||||
| CVE-2021-20400 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-09-16 | 7.5 High |
| IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074. | ||||
| CVE-2017-1473 | 1 Ibm | 6 Security Access Manager Appliance, Security Access Manager Firmware, Security Access Manager For Mobile and 3 more | 2024-09-16 | N/A |
| IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 128605. | ||||
| CVE-2022-20677 | 1 Cisco | 62 1100-4g Integrated Services Router, 1100-6g Integrated Services Router, 1101 Integrated Services Router and 59 more | 2024-09-16 | 5.5 Medium |
| Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2018-1593 | 1 Ibm | 1 Multi-cloud Data Encryption | 2024-09-16 | N/A |
| IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568. | ||||
| CVE-2017-1701 | 1 Ibm | 2 Rational Collaborative Lifecycle Management, Rational Team Concert | 2024-09-16 | N/A |
| IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393. | ||||
| CVE-2021-38984 | 1 Ibm | 2 Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager | 2024-09-16 | 7.5 High |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212793. | ||||
| CVE-2019-4339 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2024-09-16 | 7.5 High |
| IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 161418. | ||||
| CVE-2021-38925 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 7.5 High |
| IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210171. | ||||
| CVE-2021-20369 | 1 Ibm | 1 Cloud Pak For Applications | 2024-09-16 | 5.9 Medium |
| IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361. | ||||
| CVE-2018-1518 | 1 Ibm | 2 Infosphere Information Server, Infosphere Information Server On Cloud | 2024-09-16 | N/A |
| IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682. | ||||
| CVE-2017-8076 | 1 Tp-link | 2 Tl-sg108e, Tl-sg108e Firmware | 2024-09-16 | N/A |
| On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. | ||||
| CVE-2020-10275 | 3 Easyrobotics, Mobile-industrial-robots, Uvd-robots | 20 Er-flex, Er-flex Firmware, Er-lite and 17 more | 2024-09-16 | 9.8 Critical |
| The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Given a USERNAME and a PASSWORD, the token string is generated directly with base64(USERNAME:sha256(PASSWORD)). An unauthorized attacker inside the network can use the default credentials to compute the token and interact with the REST API to exfiltrate, infiltrate or delete data. | ||||
| CVE-2019-4557 | 1 Ibm | 1 Qradar Advisor | 2024-09-16 | 7.5 High |
| IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206. | ||||
| CVE-2021-20406 | 2 Ibm, Linux | 2 Security Verify Information Queue, Linux Kernel | 2024-09-16 | 2.2 Low |
| IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184. | ||||
| CVE-2001-1546 | 1 Mckesson | 1 Pathways Homecare | 2024-09-16 | 7.8 High |
| Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file. | ||||