Falhas do tipo CWE-325
50 resultadosCVE-2022-20793MEDIUMCisco Touch 10 Device Insufficient Identity Verification VulnerabilityEPSS 0.4%CVE-2022-20742HIGHCisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure VulnerabilityEPSS 0.4%CVE-2023-46129HIGHxkeys Seal encryption used fixed key for all encryptionEPSS 0.4%CVE-2022-1279MEDIUMInsecure EBICS messages encryption implementation in ebics-java/ebics-java-client could allow an adjacent attacker to decrypt EBICS payloadsEPSS 0.3%CVE-2020-10702MEDIUMA flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in EPSS 0.3%CVE-2026-45445HIGHAES-OCB IV Ignored on EVP_Cipher() PathEPSS 0.3%CVE-2022-29229MEDIUMMissing Cryptographic Step in cassprojectEPSS 0.3%CVE-2025-3938MEDIUMMissing Cryptographic StepEPSS 0.3%CVE-2022-24116CRITICALCertain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0.EPSS 0.3%CVE-2025-58359MEDIUMfrost-core: refresh shares with smaller min_signers will reduce group securityEPSS 0.3%CVE-2023-34471MEDIUMMissing Cryptographic StepEPSS 0.3%CVE-2026-42770LOWFFC-DH Peer Validation Uses Attacker-Supplied qEPSS 0.3%CVE-2026-4258HIGHAll versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validationEPSS 0.2%CVE-2025-30147HIGHALTBN128_ADD, ALTBN128_MUL, ALTBN128_PAIRING precompile functions do not check if points are on curveEPSS 0.2%CVE-2024-55655LOWsigstore-python has insufficient validation of integration timestamp during verificationEPSS 0.2%CVE-2026-4601CRITICALVersions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash proEPSS 0.2%CVE-2026-45446MEDIUMIncorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modesEPSS 0.2%CVE-2023-40012MEDIUMuthenticode EKU validation bypassEPSS 0.2%CVE-2026-22863CRITICALDeno node:crypto doesn't finalize cipherEPSS 0.2%CVE-2026-48480MEDIUMnetty-incubator-codec-ohttp OHttpVersionChunkDraft's Missing Final-Chunk Enforcement Leads to Undetected Stream TruncationEPSS 0.2%