CVE Daily
← All tags

Tag: Cryptographic Weakness

All CVEs associated with "Cryptographic Weakness". Page 4/4 • 381 CVEs.

Subscribe CVEs: RSS for “Cryptographic Weakness”  ·  RSS (High+Critical only)

About “Cryptographic Weakness”

A curated feed of “Cryptographic Weakness”-related CVEs appears below. We currently track 381 CVEs for this tag (all time). In the last 365 days, 82 were published. Average CVSS is 6.5 (all time; 6.7 over 365d), and 46% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-295 - Improper Certificate Validation, CWE-326 - Inadequate Encryption Strength, CWE-287 - Improper Authentication.

In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2000-03-14
High

CVE-2000-0199

When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak enc…

CVSS: 7.2 CWE: N/A View on NVD
2000-02-24
Medium

CVE-2000-0214

FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites.

CVSS: 4.6 CWE: N/A View on NVD
2000-01-12
Medium

CVE-1999-1002

Netscape Navigator uses weak encryption for storing a user's Netscape mail password.

CVSS: 5.0 CWE: N/A View on NVD
2000-01-06
Medium

CVE-2000-0084

CuteFTP uses weak encryption to store password information in its tree.dat file.

CVSS: 5.0 CWE: N/A View on NVD
1999-12-31
Medium

CVE-1999-1104

Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.

CVSS: 4.6 CWE: N/A View on NVD
1999-12-21
High

CVE-1999-1497

Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.

CVSS: 7.2 CWE: N/A View on NVD
1999-11-01
Medium

CVE-1999-0829

HP Secure Web Console uses weak encryption.

CVSS: 5.0 CWE: N/A View on NVD
1999-10-25
Medium

CVE-1999-0884

The Zeus web server administrative interface uses weak encryption for its passwords.

CVSS: 5.0 CWE: N/A View on NVD
1999-10-24
Critical

CVE-1999-0944

IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections.

CVSS: 10.0 CWE: N/A View on NVD
1999-10-04
Low

CVE-1999-1540

shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.

CVSS: 2.1 CWE: N/A View on NVD
1999-07-29
High

CVE-1999-1078

WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.

CVSS: 7.5 CWE: N/A View on NVD
1999-07-10
Medium

CVE-1999-1543

MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File.

CVSS: 4.6 CWE: N/A View on NVD
1999-05-15
Low

CVE-1999-1366

Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.

CVSS: 3.6 CWE: N/A View on NVD
1999-04-09
Medium

CVE-1999-0470

A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.

CVSS: 5.0 CWE: N/A View on NVD
1999-03-04
Low

CVE-2000-0019

IMail POP3 daemon uses weak encryption, which allows local users to read files.

CVSS: 2.1 CWE: N/A View on NVD
1999-03-01
High

CVE-1999-0476

A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.

CVSS: 7.2 CWE: N/A View on NVD
1999-02-21
Critical

CVE-1999-1049

ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.

CVSS: 10.0 CWE: N/A View on NVD
1999-02-19
Medium

CVE-1999-1101

Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges.

CVSS: 4.6 CWE: N/A View on NVD
1999-01-25
Critical

CVE-1999-0356

ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book.

CVSS: 10.0 CWE: N/A View on NVD
1998-06-29
High

CVE-1999-1556

Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privil…

CVSS: 7.2 CWE: N/A View on NVD
1998-06-11
Low

CVE-1999-1271

Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.

CVSS: 2.1 CWE: N/A View on NVD