Fallos del tipo CWE-327
360 resultadosCVE-2024-39745MEDIUMIBM Sterling Connect:Direct Web Services information disclosureEPSS 0.3%CVE-2026-44053HIGHWeak cryptography in DHCAST128 UAMEPSS 0.3%CVE-2023-41097MEDIUMPotential Timing vulnerability in CBC PKCS7 padding calculationsEPSS 0.3%CVE-2025-54426CRITICALPolkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed pointsEPSS 0.3%CVE-2026-46395CRITICALHAX CMS Vulnerable to Private Key Disclosure via Broken HMAC ImplementationEPSS 0.3%CVE-2024-39583HIGHDell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthentEPSS 0.3%CVE-2023-4331—Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocolsEPSS 0.3%CVE-2024-36440MEDIUMAn issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administEPSS 0.3%CVE-2024-45193MEDIUMAn issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack of validation criteria (does noEPSS 0.3%CVE-2023-28509HIGHWeak encryption in UniRPC protocolEPSS 0.3%CVE-2024-22463HIGHDell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivilegedEPSS 0.3%CVE-2024-39731MEDIUMIBM Datacap Navigator information disclosureEPSS 0.3%CVE-2025-34519HIGHIlevia EVE X1 Server 4.7.18.0.eden Insecure Hashing AlgorithmEPSS 0.3%CVE-2024-28972MEDIUMDell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker EPSS 0.3%CVE-2022-34757MEDIUMA CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connectionEPSS 0.3%CVE-2024-21670MEDIUMCL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credentialEPSS 0.3%CVE-2022-38391MEDIUMIBM Spectrum Control information disclosureEPSS 0.3%CVE-2025-52026HIGHAn information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-EPSS 0.3%CVE-2024-53441CRITICALAn issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack.EPSS 0.3%CVE-2024-4765HIGHWeb application manifests were stored by using an insecure MD5 hash which allowed for a hash collision to overwrite another application's maEPSS 0.3%