CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2021-05-26
Medium
CVE-2021-22738

Updating...
 

 
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack.

 
2021-05-24
Medium
CVE-2021-20419

Updating...
 

 
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196280.

 
2021-04-05
Medium
CVE-2021-20305

Vendor: Nettle project
Software: Nettle
 

 
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.

 
2021-03-25
Low
CVE-2021-3446

Vendor: Libtpms project
Software: Libtpms
 

 
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decryption steps. The highest threat from this vulnerability is to data confidentiality.

 
2021-03-22
Medium
CVE-2021-22309

Updating...
 

 
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions V500R001C30SPC200, V500R001C60SPC500,V500R005C00SPC200;USG9520 versions V500R005C00;USG9560 versions V500R005C00;USG9580 versions V500R005C00.

 
2021-03-18
Medium
CVE-2019-14852

Vendor: Redhat
Software: 3scale api m...
 

 

 
2021-03-12
Medium
CVE-2020-4831

Vendor: IBM
Software: Datapower ga...
 

 
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965.

 
2021-03-10
Low
CVE-2020-35221

Updating...
 

 
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was found to be insecure, allowing attackers (with access to a network capture) to quickly generate multiple collisions to generate valid passwords, or infer some parts of the original.

 
2021-03-03
Low
CVE-2021-20441

Updating...
 

 
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617.

 
2021-02-15
Medium
CVE-2021-27211

Vendor: Steghide project
Software: Steghide
 

 
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to detect hidden data.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top