Falhas do tipo CWE-326
175 resultadosCVE-2024-22894MEDIUMAn issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3EPSS 0.7%CVE-2024-40761MEDIUMApache Answer: Avatar URL leaked user email addressesEPSS 0.7%CVE-2025-55248MEDIUM.NET, .NET Framework, and Visual Studio Information Disclosure VulnerabilityEPSS 0.7%CVE-2019-19097MEDIUMABB eSOMS: SSL medium strength Cipher SuitesEPSS 0.7%CVE-2020-14517—Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodEPSS 0.7%CVE-2020-26197HIGHDell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eaveEPSS 0.6%CVE-2018-4839—A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 EEPSS 0.6%CVE-2025-48823MEDIUMWindows Cryptographic Services Information Disclosure VulnerabilityEPSS 0.6%CVE-2024-39928HIGHApache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerabilityEPSS 0.5%CVE-2023-27389HIGHInadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrativeEPSS 0.5%CVE-2019-19101MEDIUMIncomplete communication encryption and validation in B&R Automation Studio upgrade serviceEPSS 0.5%CVE-2023-3243HIGH
** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash
and utilize it to create new sessions. The hash is also a pEPSS 0.5%CVE-2021-20406LOWIBM Security Verify Information Queue information disclosureEPSS 0.5%CVE-2023-33982MEDIUMBramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accountsEPSS 0.5%CVE-2018-5461—An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS ClassEPSS 0.5%CVE-2022-45141CRITICALSince the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assuEPSS 0.5%CVE-2022-47931MEDIUMIO FinNet tss-lib before 2.0.0 allows a collision of hash values.EPSS 0.5%CVE-2021-27457—A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encrypEPSS 0.5%CVE-2023-35332MEDIUMWindows Remote Desktop Protocol Security Feature BypassEPSS 0.4%CVE-2021-35226MEDIUMHashed Credential Exposure VulnerabilityEPSS 0.4%