CWE-310 · Cryptographic Issues
2509 CVEs classified under CWE-310 (Cryptographic Issues). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-1804 | Critical | 9.8 | 2019-05-03 | A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthen… |
CVE-2017-18160 | Critical | 9.8 | 2019-01-18 | AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions M… |
CVE-2014-8686 | Critical | 9.8 | 2017-09-19 | CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt… |
CVE-2014-8684 | Critical | 9.8 | 2017-09-19 | CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently condu… |
CVE-2015-9107 | Critical | 9.8 | 2017-08-04 | Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. The implemented… |
CVE-2016-0897 | Critical | 9.8 | 2016-09-18 | Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators… |
CVE-2015-8805 | Critical | 9.8 | 2016-02-23 | The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of t… |
CVE-2015-8804 | Critical | 9.8 | 2016-02-23 | x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST e… |
CVE-2015-8803 | Critical | 9.8 | 2016-02-23 | The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of t… |
CVE-2004-2761 | Critical | 9.8 | 2009-01-05 | The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated… |
CVE-2018-14062 | Critical | 9.1 | 2019-08-15 | The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (… |
CVE-2018-5402 | Critical | 9.1 | 2018-10-08 | The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the ad… |
CVE-2015-7923 | Critical | 9.0 | 2016-01-30 | Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to d… |
CVE-2015-8989 | High | 8.8 | 2017-03-14 | Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows… |
CVE-2017-14852 | High | 8.6 | 2019-06-03 | An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The att… |
CVE-2016-0904 | High | 8.6 | 2016-09-21 | Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use the same encryption key across different customers' installa… |
CVE-2024-38408 | High | 8.2 | 2024-11-04 | Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. |
CVE-2019-9506 | High | 8.1 | 2019-08-14 | The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influen… |
CVE-2019-9861 | High | 8.1 | 2019-05-14 | Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can… |
CVE-2016-10697 | High | 8.1 | 2018-06-04 | react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP… |