Weaknesses of type CWE-327

357 results
CVE-2013-2566 [MEDIUM] The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to | EPSS 84.4%
CVE-2015-2808 [LOW] The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initializatio | EPSS 74.0%
CVE-2023-28244 [HIGH] Windows Kerberos Elevation of Privilege Vulnerability | EPSS 2.9%
CVE-2020-6984 [CRITICAL] Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions | EPSS 2.8%
CVE-2022-3365 [CRITICAL] Emote Interactive Remote Mouse Server command injection due to weak encoding | EPSS 2.0%
CVE-2020-11876 [HIGH] airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-25 | EPSS 1.7%
CVE-2021-20305 A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result | EPSS 1.6%
CVE-2020-25694 A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client a | EPSS 1.6%
CVE-2025-2539 [HIGH] File Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read | EPSS 1.6%
CVE-2024-31989 [CRITICAL] ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache | EPSS 1.5%
CVE-2023-5347 [CRITICAL] Unauthenticated Firmware Upgrade | EPSS 1.3%
CVE-2021-40528 [MEDIUM] The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic librari | EPSS 1.3%
CVE-2024-30098 [HIGH] Windows Cryptographic Services Security Feature Bypass Vulnerability | EPSS 1.3%
CVE-2022-29217 [HIGH] Key confusion through non-blocklisted public key formats in PyJWT | EPSS 1.2%
CVE-2019-7477 A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher s | EPSS 1.2%
CVE-2018-7792 [HIGH] A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all version | EPSS 1.1%
CVE-2024-29056 [MEDIUM] Windows Authentication Elevation of Privilege Vulnerability | EPSS 1.0%
CVE-2019-10929 A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants | EPSS 1.0%
CVE-2005-4900 [MEDIUM] SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by atta | EPSS 0.9%
CVE-2020-10927 [HIGH] This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 | EPSS 0.9%