CWE-329 · Generation of Predictable IV with CBC Mode
10 CVEs classified under CWE-329 (Generation of Predictable IV with CBC Mode). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-45787 | Critical | 9.1 | 2026-05-28 | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, const… |
CVE-2024-49783 | Medium | 5.3 | 2025-07-08 | IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with ac… |
CVE-2008-5161 | Low | 3.7 | 2008-11-19 | Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and S… |
CVE-2014-3566 | Low | 3.4 | 2014-10-15 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle atta… |
CVE-2022-29054 | Low | 3.1 | 2023-02-16 | A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0… |
CVE-2025-2814 | | 2025-04-12 | Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cry… | |
CVE-2021-27499 | | 2021-08-02 | Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The applica… | |
CVE-2020-5408 | | 2020-05-14 | Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null in… | |
CVE-2017-3226 | | 2018-07-24 | Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature… | |
CVE-2017-3225 | | 2018-07-24 | Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's… |