Total
359 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36337 | 1 Dell | 1 Wyse Management Suite | 2021-12-27 | 5.8 MEDIUM | 7.4 HIGH |
| Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data. | |||||
| CVE-2020-10601 | 1 Visam | 2 Vbase Editor, Vbase Web-remote | 2021-12-20 | 4.6 MEDIUM | 7.8 HIGH |
| VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and insecure permissions which may allow a local attacker to bypass the password-protected mechanism through brute-force attacks, cracking techniques, or overwriting the password hash. | |||||
| CVE-2021-38947 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2021-12-15 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 211242. | |||||
| CVE-2021-20400 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2021-12-02 | 5.0 MEDIUM | 7.5 HIGH |
| IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196074. | |||||
| CVE-2021-38891 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Sterling Connect\, Linux Kernel and 2 more | 2021-11-29 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508. | |||||
| CVE-2018-1785 | 2 Apple, Ibm | 3 Macos, Spectrum Protect Client, Spectrum Protect For Virtual Environments | 2021-11-20 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870. | |||||
| CVE-2018-1545 | 2 Apple, Ibm | 3 Macos, Spectrum Protect Client, Spectrum Protect For Virtual Environments | 2021-11-20 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649. | |||||
| CVE-2021-38983 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2021-11-16 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212792. | |||||
| CVE-2021-3789 | 1 Binatoneglobal | 42 Cn28, Cn28 Firmware, Cn40 and 39 more | 2021-11-16 | 2.1 LOW | 4.6 MEDIUM |
| An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access to obtain the encryption key used to decrypt firmware update packages. | |||||
| CVE-2021-38984 | 1 Ibm | 2 Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager | 2021-11-16 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 212793. | |||||
| CVE-2020-14517 | 1 Wibu | 1 Codemeter | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with the CodeMeter API. | |||||
| CVE-2019-19101 | 1 Br-automation | 1 Automation Studio | 2021-11-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and < 4.7.2 enable unauthenticated users to perform MITM attacks via the B&R upgrade server. | |||||
| CVE-2021-38464 | 1 Inhandnetworks | 2 Ir615, Ir615 Firmware | 2021-10-22 | 5.8 MEDIUM | 7.4 HIGH |
| InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the communication and steal sensitive information or hijack the session. | |||||
| CVE-2021-38862 | 1 Ibm | 1 Data Risk Manager | 2021-10-18 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207980. | |||||
| CVE-2021-38925 | 1 Ibm | 1 Sterling B2b Integrator | 2021-10-14 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210171. | |||||
| CVE-2017-5160 | 1 Aveva | 1 Wonderware Intouch Access Anywhere | 2021-08-31 | 3.5 LOW | 5.3 MEDIUM |
| An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly. | |||||
| CVE-2020-15387 | 1 Broadcom | 2 Brocade Sannav, Fabric Operating System | 2021-08-23 | 5.8 MEDIUM | 7.4 HIGH |
| The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications. | |||||
| CVE-2017-16632 | 1 Sapphireims | 1 Sapphireims | 2021-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| In SapphireIMS 4097_1, the password in the database is stored in Base64 format. | |||||
| CVE-2021-23982 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-08-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9. | |||||
| CVE-2013-7286 | 1 Att | 2 Mobileiron Sentry, Mobileiron Virtual Smartphone Platform | 2021-07-28 | 5.0 MEDIUM | 7.5 HIGH |
| MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm | |||||