Weaknesses of type CWE-329
11 resultsCVE-2014-3566LOWThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for manEPSS 100.0%CVE-2008-5161LOWError handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through EPSS 15.4%CVE-2020-5408—Dictionary attack with Spring Security queryable text encryptorEPSS 1.8%CVE-2022-46397HIGHFP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable EPSS 0.6%CVE-2021-27499—Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior tEPSS 0.5%CVE-2017-3225—Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector that may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the dataEPSS 0.3%CVE-2017-3226—Das U-Boot's AES-CBC encryption feature improperly handles an error condition and may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the dataEPSS 0.3%CVE-2024-49783MEDIUMIBM OpenPages with Watson information disclosureEPSS 0.3%CVE-2022-29054LOWA missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0,EPSS 0.2%CVE-2025-2814MEDIUMCrypt::CBC versions between 1.21 and 3.05 for Perl may use insecure rand() function for cryptographic functionsEPSS 0.2%CVE-2026-45787MEDIUMelecterm's encrypt method not safe enoughEPSS 0.1%