Total
506 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-4594 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2024-09-16 | 7.5 High |
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184800. | ||||
CVE-2020-4965 | 1 Ibm | 12 Collaborative Lifecycle Management, Doors Next, Engineering Insights and 9 more | 2024-09-16 | 7.5 High |
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422. | ||||
CVE-2021-29723 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, Linux On Ibm Z and 5 more | 2024-09-16 | 7.5 High |
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100. | ||||
CVE-2017-15326 | 1 Huawei | 2 Dbs3900 Tdd Lte, Dbs3900 Tdd Lte Firmware | 2024-09-16 | N/A |
DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit this vulnerability to crack the encrypted data and cause information leakage. | ||||
CVE-2020-4185 | 1 Ibm | 1 Security Guardium | 2024-09-16 | 7.5 High |
IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174803. | ||||
CVE-2021-29894 | 2 Ibm, Redhat | 2 Cloud Pak For Security, Openshift | 2024-09-16 | 7.5 High |
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207320. | ||||
CVE-2021-29704 | 1 Ibm | 1 Resilient Security Orchestration Automation And Response | 2024-09-16 | 7.5 High |
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
CVE-2017-1575 | 1 Ibm | 1 Sterling File Gateway | 2024-09-16 | N/A |
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032. | ||||
CVE-2021-20406 | 2 Ibm, Linux | 2 Security Verify Information Queue, Linux Kernel | 2024-09-16 | 2.2 Low |
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196184. | ||||
CVE-2021-39002 | 6 Hp, Ibm, Linux and 3 more | 7 Hp-ux, Aix, Db2 and 4 more | 2024-09-16 | 7.5 High |
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
CVE-2021-39058 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-09-16 | 7.5 High |
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617. | ||||
CVE-2021-43989 | 1 Myscada | 1 Mypro | 2024-09-16 | 7.5 High |
mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes. | ||||
CVE-2020-27652 | 1 Synology | 3 Diskstation Manager, Skynas, Skynas Firmware | 2024-09-16 | 8.3 High |
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. | ||||
CVE-2019-15795 | 3 Canonical, Debian, Ubuntu | 3 Ubuntu Linux, Python-apt, Python-apt | 2024-09-16 | 4.7 Medium |
python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. | ||||
CVE-2018-11070 | 1 Dell | 2 Bsafe Crypto-j, Rsa Bsafe Ssl-j | 2024-09-16 | 5.9 Medium |
RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key. | ||||
CVE-2018-11069 | 1 Dell | 1 Bsafe Ssl-j | 2024-09-16 | 5.9 Medium |
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key. | ||||
CVE-2020-4968 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2024-09-16 | 6.5 Medium |
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192427. | ||||
CVE-2019-4156 | 1 Ibm | 1 Security Access Manager | 2024-09-16 | 5.9 Medium |
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158572. | ||||
CVE-2023-30994 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-09-16 | 5.4 Medium |
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138 | ||||
CVE-2021-31352 | 1 Juniper | 1 Session And Resource Control | 2024-09-16 | 5.3 Medium |
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit this vulnerability to display plaintext bits from a block of ciphertext and obtain sensitive information. This issue affects all Juniper Networks SRC Series versions prior to 4.13.0-R6. |