Total
561 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21399 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-1206 | 3 Fedoraproject, Linux, Redhat | 5 Fedora, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 5.7 Medium |
| A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. | ||||
| CVE-2022-46834 | 1 Sick | 14 Rfu650-10100, Rfu650-10100 Firmware, Rfu650-10101 and 11 more | 2024-11-21 | 6.5 Medium |
| Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person. | ||||
| CVE-2022-46833 | 1 Sick | 48 Rfu630-04100, Rfu630-04100 Firmware, Rfu630-04100s01 and 45 more | 2024-11-21 | 6.5 Medium |
| Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmware update is available from the responsible SICK customer contact person. | ||||
| CVE-2022-45858 | 1 Fortinet | 1 Fortinac | 2024-11-21 | 3.8 Low |
| A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks. | ||||
| CVE-2022-45195 | 1 Simplex | 2 Simplex Chat, Simplexmq | 2024-11-21 | 5.3 Medium |
| SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet protocol. | ||||
| CVE-2022-43949 | 1 Fortinet | 1 Fortisiem | 2024-11-21 | 5.9 Medium |
| A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1 allows a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods. | ||||
| CVE-2022-43843 | 1 Ibm | 1 Spectrum Scale | 2024-11-21 | 5.9 Medium |
| IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 239080. | ||||
| CVE-2022-39237 | 1 Sylabs | 1 Singularity Image Format | 2024-11-21 | 6.3 Medium |
| syslabs/sif is the Singularity Image Format (SIF) reference implementation. In versions prior to 2.8.1the `github.com/sylabs/sif/v2/pkg/integrity` package did not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures. A patch is available in version >= v2.8.1 of the module. Users are encouraged to upgrade. Users unable to upgrade may independently validate that the hash algorithm(s) used for metadata digest(s) and signature hash are cryptographically secure. | ||||
| CVE-2022-38493 | 1 Rhonabwy Project | 1 Rhonabwy | 2024-11-21 | 7.5 High |
| Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE (JSON Web Encryption) token. | ||||
| CVE-2022-37177 | 1 Hirevue | 1 Hiring Platform | 2024-11-21 | 7.5 High |
| HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore, the rail-fence cipher has been removed, and TLS 1.2 is now used for encryption. | ||||
| CVE-2022-35513 | 1 Blink1 | 1 Blink1control2 | 2024-11-21 | 7.5 High |
| The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage. | ||||
| CVE-2022-34757 | 1 Schneider-electric | 2 Easergy P5, Easergy P5 Firmware | 2024-11-21 | 6.7 Medium |
| A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 (V01.401.102 and prior) | ||||
| CVE-2022-34632 | 1 Linuxfoundation | 1 Rocket Chip Generator | 2024-11-21 | 9.1 Critical |
| Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain insufficient cryptography via the component /rocket/RocketCore.scala. | ||||
| CVE-2022-34361 | 3 Ibm, Linux, Microsoft | 5 Aix, Linux On Ibm Z, Sterling Secure Proxy and 2 more | 2024-11-21 | 5.9 Medium |
| IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522. | ||||
| CVE-2022-34320 | 1 Ibm | 1 Cics Tx | 2024-11-21 | 5.9 Medium |
| IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464. | ||||
| CVE-2022-34319 | 1 Ibm | 1 Cics Tx | 2024-11-21 | 5.9 Medium |
| IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229463. | ||||
| CVE-2022-34310 | 2 Ibm, Linux | 2 Cics Tx, Linux Kernel | 2024-11-21 | 5.9 Medium |
| IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441. | ||||
| CVE-2022-34309 | 1 Ibm | 1 Cics Tx | 2024-11-21 | 5.9 Medium |
| IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229440. | ||||
| CVE-2022-33160 | 1 Ibm | 1 Security Directory Suite Va | 2024-11-21 | 3.7 Low |
| IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568. | ||||