Falhas do tipo CWE-326

175 resultados
CVE-2017-1000486CRITICALPrimetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code executionEPSS 94.1%KEVCVE-2017-11317CRITICALTelerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which aEPSS 83.5%KEVCVE-2018-18325HIGHDNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an iEPSS 74.0%KEVCVE-2018-15811HIGHDNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.EPSS 74.0%KEVCVE-2014-9199Clorius Controls A/S ISC SCADA Insecure Java Client Inadequate Encryption StrengthEPSS 2.6%CVE-2020-6966In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X EPSS 2.2%CVE-2020-25685A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), whiEPSS 2.2%CVE-2018-0448Cisco Digital Network Architecture Center Authentication Bypass VulnerabilityEPSS 2.1%CVE-2024-52317MEDIUMApache Tomcat: Request/response mix-up with HTTP/2EPSS 2.0%CVE-2018-0131A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticatedEPSS 1.7%CVE-2024-52318MEDIUMApache Tomcat: Incorrect JSP tag recycling leads to XSSEPSS 1.7%CVE-2020-26263HIGHRSA vulnerability in tslite-ngEPSS 1.3%CVE-2019-19299HIGHA vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0), SiNVR/SiVMS Video Server (All versions >= V5.0.0 < EPSS 1.2%CVE-2024-20692MEDIUMMicrosoft Local Security Authority Subsystem Service Information Disclosure VulnerabilityEPSS 1.2%CVE-2022-26307Weak Master KeysEPSS 1.1%CVE-2019-14855MEDIUMA flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use thisEPSS 1.1%CVE-2020-3549HIGHCisco Firepower Management Center Software and Firepower Threat Defense Software sftunnel Pass the Hash VulnerabilityEPSS 0.9%CVE-2023-27987CRITICALApache Linkis gateway module token authentication bypassEPSS 0.8%CVE-2022-26306Execution of Untrusted Macros Due to Improper Certificate ValidationEPSS 0.8%CVE-2014-2380Schneider Electric Wonderware Inadequate Encryption StrengthEPSS 0.8%