Falhas do tipo CWE-326

175 resultados
CVE-2024-32758CRITICALexacqVision - Key exchangesEPSS 0.4%CVE-2024-23656HIGHDex 2.37.0 is discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphersEPSS 0.4%CVE-2018-25272CRITICALELBA5 5.8.0 Remote Code Execution via Database AccessEPSS 0.4%CVE-2020-1982MEDIUMPAN-OS: TLS 1.0 usage for certain communications with Palo Alto Networks cloud delivered servicesEPSS 0.4%CVE-2001-1546HIGHPathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwEPSS 0.4%CVE-2024-28755MEDIUMAn issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtls_ssl_session_reset() API, the maximum EPSS 0.4%CVE-2021-21387HIGHPartial secret key disclosure, improper safety number calculation, & inadequate encryption strengthEPSS 0.4%CVE-2021-32945HIGHMDT AutoSave Inadequate Encryption StrengthEPSS 0.4%CVE-2021-36337MEDIUMDell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible tEPSS 0.4%CVE-2022-24318A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted communication with the server when outdated veEPSS 0.4%CVE-2025-20667MEDIUMIn Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if aEPSS 0.4%CVE-2023-41305Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS message module. Successful exploitation of tEPSS 0.4%CVE-2021-37209MEDIUMA vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All vEPSS 0.4%CVE-2024-42163HIGHPassword ManipulationEPSS 0.3%CVE-2019-18241In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server runningEPSS 0.3%CVE-2023-29549MEDIUMUnder certain circumstances, a call to the <code>bind</code> function may have resulted in the incorrect realm. This may have created a vulnEPSS 0.3%CVE-2021-38464MEDIUMInHand Networks IR615 RouterEPSS 0.3%CVE-2022-2758MEDIUMUpdateEPSS 0.3%CVE-2018-16499In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting user and the service using manEPSS 0.3%CVE-2024-29950HIGHBrocade SANnav before v2.3.1, v2.3.0a uses weak encryptionEPSS 0.3%