CWE-327: CWE-327

This vulnerability in AndSoft's e-TMS v25.03 uses the MD5 hash algorithm for password encryption, which is cryptographically broken and vulnerable to ...

The Emissary workflow engine's ChecksumCalculator class uses weak cryptographic algorithms (SHA-1, CRC32, SSDEEP) that are no longer considered secure...

AudioCodes Mediant SBC devices before version 7.40A.501.841 use weak password obfuscation in configuration exports, allowing attackers with access to ...

ECOVACS robot lawnmowers and vacuums use a predictable symmetric key for firmware decryption, allowing attackers to create and install malicious firmw...

This vulnerability affects certain PLANET Technology switch models that use obsolete cryptographic algorithms in their SNMPv3 implementation. Attacker...

This vulnerability allows attackers to bypass Windows Cryptographic Services security features, potentially enabling them to circumvent digital signat...

The TVS Connect mobile application insecurely handles RSA key pairs, potentially allowing attackers to decrypt sensitive information transmitted by th...

MeshCentral 1.1.16 uses weak cryptographic algorithms that could allow attackers to decrypt sensitive data or bypass authentication. This affects all ...

CVE-2023-50481 is a cryptographic vulnerability in blinksocks 3.3.8 that allows remote attackers to decrypt sensitive information due to weak encrypti...

Broadcom RAID Controller web interface uses insecure default TLS configurations that support obsolete and vulnerable TLS protocols. This allows attack...

This vulnerability in IBM Runtime Environment Java Technology Edition's IBMJCEPlus and JSSE components could expose sensitive information due to crypt...

This vulnerability affects Rocket Software UniData and UniVerse database systems using weak encryption for network communications and password transmi...

This vulnerability in TP-Link TL-WR940N V6 routers allows attackers to potentially crack admin passwords due to the use of weak MD5 hashing for authen...

This vulnerability affects the LTI 1.3 Tool Library for PHP, where insufficient cryptographic complexity in random nonce generation could allow attack...

This CVE describes a cryptographic vulnerability in certain Verbatim encrypted storage drives where AES-256 encryption uses insecure ECB mode instead ...

CVE-2022-29249 is a vulnerability in JavaEZ library version 1.6 that allows unauthorized actors to force decryption of locked text, potentially exposi...

IBM Cloud Pak System versions 2.3.0 through 2.3.3.3 Interim Fix 1 use weak cryptographic algorithms, allowing attackers to decrypt sensitive informati...

IBM UrbanCode Deploy 7.1.1.2 uses weak cryptographic algorithms that could allow attackers to decrypt sensitive information stored or transmitted by t...

IBM Security Guardium versions 10.5 and 11.3 use weak cryptographic algorithms that could allow attackers to decrypt sensitive information stored or t...

Dell PowerScale OneFS version 9.3.0 uses a broken or risky cryptographic algorithm, allowing unprivileged network attackers to potentially decrypt sen...

This vulnerability in Philips Vue PACS involves the use of broken cryptographic algorithms, which could allow attackers to decrypt sensitive medical i...

This vulnerability in IBM UrbanCode Deploy uses weak cryptographic algorithms that could allow attackers to decrypt sensitive information stored or tr...

This vulnerability in BigFix Compliance allows attackers to decrypt TLS-encrypted network traffic when TLS-RSA cipher suites are enabled without TLS 2...

IBM Security Verify versions 10.0.0 through 10.0.2.0 use weak cryptographic algorithms, allowing attackers to decrypt sensitive information stored or ...

CVE-2021-42583 is a cryptographic vulnerability in Maddy email server software where weak or broken cryptographic algorithms could expose sensitive au...

CVE-2017-2488 is a cryptographic weakness in Apple Remote Desktop's authentication protocol that allowed attackers to capture cleartext passwords duri...

This vulnerability in Mbed TLS allows policy bypass or oracle-based decryption attacks when untrusted applications can access output buffer memory loc...

IBM Spectrum Copy Data Management versions 2.2.13 and earlier use weak cryptographic algorithms that could allow attackers to decrypt sensitive inform...

EnroCrypt versions before 1.1.4 use the insecure MD5 hashing algorithm, which can lead to hash collisions and password cracking. This affects develope...

Rucky versions 2.2 and earlier (release builds) and 425 and earlier (nightly builds) use weak RSA/ECB/PKCS1Padding encryption, which could allow attac...

IBM QRadar SIEM versions 7.3 and 7.4 use weak cryptographic algorithms that could allow attackers to decrypt sensitive information. This affects organ...

This vulnerability in CyberArk Credential Provider allows attackers to decrypt credential files due to insufficient encryption key space. Attackers ca...

This vulnerability in IBM Sterling Secure Proxy uses weak cryptographic algorithms that could allow attackers to decrypt sensitive information transmi...

IBM Security SOAR uses weak cryptographic algorithms that could allow attackers to decrypt sensitive information stored or transmitted by the system. ...

IBM QRadar SIEM versions 7.3.0-7.3.3 Patch 8 and 7.4.0-7.4.3 GA use weak cryptographic algorithms, allowing attackers to decrypt sensitive information...

IBM Security Verify Access Docker 10.0.0 uses weak cryptographic algorithms that could allow attackers to decrypt sensitive information. This affects ...

IBM Guardium Data Encryption (GDE) uses weak cryptographic algorithms that could allow attackers to decrypt sensitive encrypted data. This affects GDE...

CVE-2021-20566 is a cryptographic weakness vulnerability in IBM Resilient SOAR V38.0 that allows attackers to decrypt sensitive information due to the...

CVE-2020-26515 is an authentication bypass vulnerability in Intland codeBeamer ALM where the 'remember-me' cookie uses NULL encryption, allowing attac...

IBM Spectrum Protect Plus versions 10.1.0 through 10.1.7 use weak cryptographic algorithms, allowing attackers to decrypt sensitive information. This ...

CVE-2020-4965 is a cryptographic weakness vulnerability in IBM Jazz Team Server products where weaker-than-expected encryption algorithms allow attack...

CVE-2019-14852 is a cryptographic vulnerability in 3scale's APIcast gateway that allows TLS 1.0 protocol usage, enabling attackers to potentially decr...

This vulnerability affects Siemens RUGGEDCOM ROX industrial routers by supporting insecure TLS 1.0 protocol in their webserver. Attackers can perform ...

SanDisk PrivateAccess versions before 6.4.9 support outdated TLS 1.0 and 1.1 protocols, which are vulnerable to man-in-the-middle attacks. This allows...

This vulnerability in PyJWT allows attackers to forge JWT tokens by algorithm confusion when applications use the default algorithm list. It affects a...

A cryptographic vulnerability in HPE Aruba EdgeConnect SD-WAN Gateways allows authenticated remote attackers to gain shell access and execute arbitrar...

Poco v1.14.1-release contains weak encryption implementations that could allow attackers to decrypt sensitive data if applications don't properly conf...

CVE-2025-45767 involves weak encryption in jose v6.0.10, potentially allowing attackers to decrypt or forge JWT tokens. This affects applications usin...

This vulnerability affects OSD Bare Metal Servers using weak cryptographic algorithms, potentially allowing attackers to decrypt sensitive data or byp...

DuckDB's block-based encryption implementation contains multiple cryptographic flaws that could allow attackers to bypass encryption, compromise keys,...