Filtered by CWE-327
Filtered by vendor Subscriptions
Total 531 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-35890 1 Ibm 1 Websphere Application Server 2024-11-21 5.1 Medium
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused by the improper encoding in a local configuration file. IBM X-Force ID: 258637.
CVE-2023-34758 1 Bishopfox 1 Sliver 2024-11-21 8.1 High
Sliver from v1.5.x to v1.5.39 has an improper cryptographic implementation, which allows attackers to execute a man-in-the-middle attack via intercepted and crafted responses.
CVE-2023-34130 1 Sonicwall 2 Analytics, Global Management System 2024-11-21 9.8 Critical
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
CVE-2023-34039 1 Vmware 1 Aria Operations For Networks 2024-11-21 9.8 Critical
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
CVE-2023-32043 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2024-11-21 6.8 Medium
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2023-30994 2 Ibm, Linux 2 Qradar Security Information And Event Manager, Linux Kernel 2024-11-21 5.4 Medium
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138
CVE-2023-30441 2 Ibm, Redhat 6 Infosphere Information Server, Java, Websphere Application Server and 3 more 2024-11-21 7.5 High
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.
CVE-2023-2900 1 Nfine Rapid Development Platform Project 1 Nfine Rapid Development Platform 2024-11-21 3.7 Low
A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-229974 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-28509 2 Linux, Rocketsoftware 3 Linux Kernel, Unidata, Universe 2024-11-21 7.5 High
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire.
CVE-2023-28244 1 Microsoft 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more 2024-11-21 8.1 High
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2023-28076 1 Dell 1 Cloudlink 2024-11-21 5.9 Medium
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.
CVE-2023-28053 1 Dell 1 Emc Networker 2024-11-21 5.3 Medium
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to some information disclosure.
CVE-2023-28043 1 Dell 1 Secure Connect Gateway 2024-11-21 6.5 Medium
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.
CVE-2023-27557 1 Ibm 1 Safer Payments 2024-11-21 5.9 Medium
IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 249192.
CVE-2023-26276 2 Ibm, Linux 2 Qradar Security Information And Event Manager, Linux Kernel 2024-11-21 5.9 Medium
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 248147.
CVE-2023-26024 1 Ibm 1 Planning Analytics On Cloud Pak For Data 2024-11-21 6.5 Medium
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898.
CVE-2023-23695 1 Dell 1 Secure Connect Gateway 2024-11-21 5.9 Medium
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
CVE-2023-23347 1 Hcltech 1 Dryice Iautomate 2024-11-21 6.4 Medium
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
CVE-2023-23346 1 Hcltech 1 Dryice Mycloud 2024-11-21 6.4 Medium
HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
CVE-2023-23040 1 Tp-link 2 Tl-wr940n, Tl-wr940n Firmware 2024-11-21 7.5 High
TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin password used for basic authentication.