Falhas do tipo CWE-326
175 resultadosCVE-2022-38659MEDIUMHCL BigFix Platform is affected by insecure credential storageEPSS 0.1%CVE-2024-13026MEDIUMInadequate Encryption Strength Vulnerability in Roche Algo EdgeEPSS 0.1%CVE-2026-44523CRITICALNote Mark: JWT Secret Weakness allows Full Account Takeover via token forgeryEPSS 0.1%CVE-2026-0510LOWObsolete Encryption Algorithm Used in NW AS Java UME User MappingEPSS 0.1%CVE-2025-2516CRITICALUse of a weak cryptographic key in the signature verification process in WPS OfficeEPSS 0.1%CVE-2024-1224HIGHInformation Disclosure Vulnerability in CDAC USB PratirodhEPSS 0.1%CVE-2025-43925MEDIUMAn issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the clearteEPSS 0.1%CVE-2025-45770HIGHjwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be seEPSS 0.1%CVE-2023-4333—Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by serverEPSS 0.1%CVE-2025-68703HIGHJervis has a Salt for PBKDF2 derived from passwordEPSS 0.1%CVE-2026-39349LOWOrangeHRM Uses AES-ECB for Sensitive Data Encryption Enables Pattern DisclosureEPSS 0.1%CVE-2023-33283MEDIUMMarval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt thEPSS 0.1%CVE-2026-45787MEDIUMelecterm's encrypt method not safe enoughEPSS 0.1%CVE-2026-5889MEDIUMCryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrEPSS 0.1%CVE-2020-16235LOWEmerson OpenEnterprise - Inadequate Encryption StrengthEPSS 0.1%CVE-2022-1318MEDIUMHills ComNav Inadequate Encryption StrengthEPSS 0.1%CVE-2023-34971HIGHQTS, QuTS heroEPSS 0.1%CVE-2026-5363MEDIUMUse of weak cryptographic key in TP-Link Archer C7EPSS 0.1%CVE-2025-39889HIGHBluetooth: l2cap: Check encryption key size on incoming connectionEPSS 0.1%CVE-2023-21145—In updatePictureInPictureMode of ActivityRecord.java, there is a possible bypass of background launch restrictions due to a logic error in tEPSS 0.1%