| CVE |
Vendors |
Products |
Updated |
CVSS |
| CVE-2019-1338 |
1 Microsoft |
2 Windows 7, Windows Server 2008 |
2019-10-15 |
4.3 |
| A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses, aka 'Windows NTLM Security Feature Bypass... |
| CVE-2019-4175 |
1 Ibm |
1 Cognos Controller |
2019-10-09 |
5.0 |
| IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158880. |
| CVE-2019-4151 |
1 Ibm |
1 Security Access Manager |
2019-10-09 |
4.3 |
| IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158512. |
| CVE-2019-3907 |
1 Identicard |
1 Premisys Id |
2019-10-09 |
5.0 |
| Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password). |
| CVE-2019-12665 |
1 Cisco |
1 Ios |
2019-10-09 |
5.8 |
| A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port... |
| CVE-2019-0030 |
|
|
2019-10-09 |
4.0 |
| Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. This issue affects Juniper ATP 5.0 versions prior to 5.0.3. |
| CVE-2018-5461 |
1 Belden |
134 Hirschmann M1-8mm-sc, Hirschmann M1-8sfp, Hirschmann M1-8sm-sc and 131 more |
2019-10-09 |
5.8 |
| An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vulnerability in the web interface has been... |
| CVE-2018-2007 |
1 Ibm |
1 Api Connect |
2019-10-09 |
5.0 |
| IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 155078. |
| CVE-2018-1946 |
|
|
2019-10-09 |
5.0 |
| IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption... |
| CVE-2018-1925 |
1 Ibm |
1 Websphere Mq |
2019-10-09 |
4.3 |
| IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 152925. |
| CVE-2018-1814 |
1 Ibm |
1 Security Access Manager |
2019-10-09 |
5.0 |
| IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 150018. |
| CVE-2018-1785 |
1 Ibm |
2 Spectrum Protect Client, Spectrum Protect For Virtual Environments |
2019-10-09 |
5.0 |
| IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870. |
| CVE-2018-1751 |
1 Ibm |
1 Security Key Lifecycle Manager |
2019-10-09 |
5.0 |
| IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 148512. |
| CVE-2018-1665 |
1 Ibm |
1 Datapower Gateway |
2019-10-09 |
5.0 |
| IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt... |
| CVE-2018-1593 |
|
|
2019-10-09 |
5.0 |
| IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568. |
| CVE-2018-1545 |
1 Ibm |
2 Spectrum Protect Client, Spectrum Protect For Virtual Environments |
2019-10-09 |
5.0 |
| IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649. |
| CVE-2018-1518 |
1 Ibm |
2 Infosphere Information Server, Infosphere Information Server On Cloud |
2019-10-09 |
2.1 |
| IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682. |
| CVE-2018-19001 |
1 Philips |
1 Healthsuite Health |
2019-10-09 |
4.6 |
| Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is not strong enough for the level of protection required. |
| CVE-2018-0448 |
|
|
2019-10-09 |
7.5 |
| A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. The... |
| CVE-2018-0131 |
1 Cisco |
2 Ios, Ios Xe |
2019-10-09 |
4.3 |
| A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session.... |
