CWE-327: CWE-327

This vulnerability in VNC authentication allows attackers to capture challenge-response pairs from unencrypted network traffic and attempt to derive t...

This vulnerability involves a service supporting deprecated and unsafe TLS versions, potentially allowing attackers to intercept or manipulate sensiti...

Dell RecoverPoint for VMs versions 6.0.x contain a broken cryptographic algorithm vulnerability in SSH that allows unauthenticated remote attackers to...

Brocade SANnav management software versions before 2.2.2 support weak key exchange algorithms on multiple ports, allowing attackers to potentially dec...

This vulnerability affects Siemens SmartClient modules by supporting insecure TLS 1.0 and 1.1 protocols, allowing man-in-the-middle attacks that could...

This vulnerability is an elliptic curve cryptography implementation flaw in illumos that causes incorrect point addition results. A man-in-the-middle ...

This vulnerability involves the use of a broken cryptographic algorithm in Schneider Electric devices, allowing attackers to cause denial of service, ...

This vulnerability allows attackers to decrypt TLS/SSL traffic by exploiting the use of static key ciphers in Juniper Junos Space servers. It affects ...

IBM Concert versions 1.0.0 through 2.0.0 use weak cryptographic algorithms that could allow attackers to decrypt sensitive information. This affects o...

IBM Concert versions 1.0.0 through 2.0.0 fail to properly enable HTTP Strict-Transport-Security (HSTS), allowing man-in-the-middle attackers to interc...

Dell PowerScale OneFS contains a broken cryptographic algorithm vulnerability that allows unauthenticated remote attackers to potentially access sensi...

IBM Security Verify Information Queue versions 10.0.5 through 10.0.8 use weak cryptographic algorithms that could allow attackers to decrypt sensitive...

IBM Concert Software versions 1.0.0 through 1.1.0 use weak cryptographic algorithms that could allow attackers to decrypt sensitive information. This ...

IBM Concert Software versions 1.0.0 through 1.1.0 fail to properly enable HTTP Strict Transport Security (HSTS), allowing attackers to intercept unenc...

IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.12 use weak cryptographic algorithms, potentially allowing attackers to decrypt s...

IBM Aspera Console versions 3.4.0 through 3.4.4 use weak cryptographic algorithms that could allow attackers to decrypt sensitive data. This affects o...

IBM Security QRadar 3.12 EDR uses weak cryptographic algorithms that could allow attackers to decrypt stored credential information. This affects orga...

IBM Cognos Controller and IBM Controller Rich Client use weak cryptographic algorithms that could allow attackers to decrypt sensitive information. Th...

IBM Storage Protect for Virtual Environments and Backup-Archive Client versions 8.1.0.0 through 8.1.23.0 use weak cryptographic algorithms that could ...

This vulnerability in IBM DevOps Velocity and UrbanCode Velocity uses weak cryptographic algorithms that could allow attackers to decrypt sensitive in...

This vulnerability in IBM Concert Software allows attackers to intercept unencrypted HTTP traffic due to missing HTTP Strict Transport Security (HSTS)...

IBM Engineering Lifecycle Optimization - Publishing versions 7.0.2 and 7.0.3 use weak cryptographic algorithms, potentially allowing attackers to decr...

IBM Sterling Connect:Direct Web Services uses weak cryptographic algorithms that could allow attackers to decrypt sensitive data transmitted by the ap...

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 use broken or risky cryptographic algorithms, allowing unprivileged network attackers to potent...

Dell PowerProtect Data Domain systems using weak cryptographic algorithms are vulnerable to man-in-the-middle attacks. Remote unauthenticated attacker...

IBM Cognos Controller versions 10.4.1, 10.4.2, and 11.0.0 use weak cryptographic algorithms that could allow attackers to decrypt sensitive informatio...

IBM Cognos Controller versions 10.4.1, 10.4.2, and 11.0.0 use weak cryptographic algorithms that could allow attackers to decrypt sensitive informatio...

This vulnerability involves the use of a weak cryptographic algorithm in Windows Kerberos authentication, allowing an authenticated attacker with loca...

libtpms versions 0.10.0 and 0.10.1 have a cryptographic vulnerability where the library incorrectly returns the initial IV instead of the last IV when...

This vulnerability allows attackers to impersonate legitimate Wi-Fi access points and inject malicious data into wireless transmissions, bypassing cry...

This vulnerability in the AWS SDK for PHP allows an attacker with write access to an S3 bucket to manipulate encrypted data keys, potentially causing ...

This vulnerability in the AWS SDK for Ruby allows an attacker with write access to an S3 bucket to manipulate encrypted data keys, potentially causing...

This vulnerability in Amazon S3 Encryption Client for Java allows users with write access to an S3 bucket to manipulate encrypted data keys stored in ...

This vulnerability in the Amazon S3 Encryption Client for Go allows attackers with write access to an S3 bucket to manipulate encrypted data keys, pot...

This vulnerability in the AWS SDK for C++ allows an attacker with write access to an S3 bucket to manipulate encrypted data keys stored in instruction...

This vulnerability in Amazon S3 Encryption Client for .NET allows users with write access to an S3 bucket to replace encrypted data keys with maliciou...

Dell PowerProtect Data Domain systems running affected DD OS versions contain a broken cryptographic algorithm vulnerability. Unauthenticated remote a...

Dell PowerProtect Data Domain systems using vulnerable DD OS versions contain a broken cryptographic algorithm in authentication mechanisms. An unauth...

Brocade SANnav versions before 2.3.1b enable weak TLS ciphers on ports 443 and 18082, allowing attackers to intercept and read network traffic contain...

IBM Aspera faspio Gateway 1.3.6 uses weak cryptographic algorithms that could allow attackers to decrypt sensitive data transmitted through the gatewa...

This vulnerability affects multiple RUGGEDCOM industrial networking devices that support the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher suite. The...

Dell PowerScale OneFS versions before 9.11.0.0 use broken or risky cryptographic algorithms, allowing high-privileged remote attackers to potentially ...

This vulnerability in Matrix libolm allows attackers to create different but valid signatures for the same message due to insufficient Ed25519 signatu...

This vulnerability involves the use of broken or risky cryptographic algorithms in Desktop Alert PingAlert's Application Server, potentially allowing ...

This vulnerability in Tenda AX9 routers allows attackers to exploit weak hash functions in the firmware update mechanism via the httpd component. Atta...

A vulnerability in TP-Link TL-WR820N routers allows attackers on the same network to intercept and decrypt SSH traffic due to weak cryptographic algor...