| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2018-1518 |
1 Ibm |
2 Infosphere Information Server, Infosphere Information Server On Cloud |
2019-10-09 |
2.1 |
| IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682. |
| CVE-2017-9645 |
1 Mirion |
8 Dmc 3000 Transmitter Firmware, Rds-31 Itx Firmware, Telepole 2 Firmware and 5 more |
2019-10-09 |
3.3 |
| An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM... |
| CVE-2017-9635 |
1 Schneider-electric |
1 Ampla Manufacturing Execution System |
2019-10-09 |
1.9 |
| Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's... |
| CVE-2017-2399 |
1 Apple |
1 Iphone Os |
2019-10-03 |
2.1 |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only... |
| CVE-2018-17177 |
1 Neato |
6 Botvac 85 Firmware, Botvac D3 Connected Firmware, Botvac D4 Connected Firmware and 3 more |
2018-12-07 |
2.1 |
| An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called "black box" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a... |
| CVE-2018-1466 |
1 Ibm |
7 Spectrum Virtualize For Public Cloud Software, Spectrum Virtualize Software, Storwize V3500 Software and 4 more |
2018-06-15 |
3.5 |
| IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that... |
| CVE-2014-0841 |
1 Ibm |
1 Rational Focal Point |
2018-06-07 |
2.1 |
| IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704. |
| CVE-2015-7449 |
1 Ibm |
8 Rational Collaborative Lifecycle Management, Rational Doors Next Generation, Rational Engineering Lifecycle Manager and 5 more |
2018-04-13 |
2.1 |
| IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15,... |
| CVE-2017-6284 |
2 Google, Nvidia |
2 Android, Shield Tv Firmware |
2018-03-27 |
2.1 |
| NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect... |
| CVE-2017-17436 |
1 Vaulteksafe |
1 Vt20i Firmware |
2017-12-22 |
3.3 |
| An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no encryption of the session between the Android application and the safe. The website and marketing materials advertise that this communication channel is... |
| CVE-2017-5160 |
1 Schneider Electric |
1 Wonderware Intouch Access Anywhere 2014 |
2017-04-26 |
3.5 |
| An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly. |
| CVE-2016-2379 |
1 Pidgin |
1 Mxit |
2017-04-10 |
3.3 |
| The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages... |
| CVE-2016-2879 |
1 Ibm |
1 Qradar Security Information And Event Manager |
2017-03-04 |
2.1 |
| IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. IBM Reference #: 1997341. |
| CVE-2016-3034 |
1 Ibm |
1 Security Appscan Source |
2017-02-13 |
2.1 |
| IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information, which could allow a local attacker to decrypt information more easily. |
