Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-326

CWE-326

Inadequate Encryption Strength

Parent: CWE-693 - Protection Mechanism Failure

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

448 vulnerabilities with CWE-326

CVE-2024-10026 MEDIUM

gVisor < 20231030.0 - Weak Hashing and Small Seed/Secret Sizes

CVE-2024-13454 MEDIUM

Easy-RSA 3.0.5-3.1.7 - Info Disclosure

CVE-2024-13026 MEDIUM

Roche Diagnostics Algorithm Suite < 2.1.2 - Inadequate Encryption Strength in Authentication Mechanism

CVE-2024-45719 LOW

Apache Answer <= 1.4.0 - Inadequate Encryption Strength via UUID v1 Token Generation

CVE-2024-52318 MEDIUM

Apache Tomcat <11.0.1-9.0.97 - Memory Corruption

CVE-2024-52317 MEDIUM

Apache Tomcat <11.0.0-M26,<10.1.30,<9.0.95 - Memory Corruption

CVE-2024-43382 MEDIUM

Snowflake JDBC 3.2.6-3.19.1 - Inadequate Encryption Strength in Client-Side Encryption

CVE-2024-50550 HIGH

LiteSpeed Cache <= 6.5.1 - Privilege Escalation via Incorrect Privilege Assignment

CVE-2024-45259 MEDIUM

GL-iNet Firmware - Unauthenticated Arbitrary File Deletion via Download Interface

CVE-2024-45273 HIGH

Helmholz and mbconnectline Devices - Weak Encryption Leading to Information Disclosure

CVE-2024-41594 HIGH

DrayTek Vigor310 <= 4.3.2.6 - Inadequate Encryption Strength via Static PRNG Seed

CVE-2024-33662 HIGH

Portainer < 2.20.2 - Inadequate Encryption Strength in AesEncrypt Function

CVE-2024-8455 HIGH

PLANET Technology - Password Cracking

CVE-2024-47182 MEDIUM

Dozzle < 8.5.3 - Inadequate Encryption Strength for Password Hashing

CVE-2024-22892 HIGH

OpenSlides 4.0.15 - Info Disclosure

CVE-2024-40761 MEDIUM

Apache Answer <1.3.5 - Info Disclosure

CVE-2024-39928 HIGH

Apache Linkis <= 1.5.0 - Inadequate Encryption Strength in Spark EngineConn Token Generation

CVE-2024-45394 HIGH

Authenticator <7.0.0 - Info Disclosure

CVE-2024-21787 MEDIUM

BMRA software < 22.08 - Authenticated Privilege Escalation via Inadequate Encryption Strength

CVE-2024-41681 MEDIUM

Siemens Location Intelligence < 4.4 - Unauthenticated Weak Cipher Configuration

CVE-2024-5800 HIGH

B&R Automation Runtime < 6.0.2 - Inadequate Encryption Strength in SSL/TLS Stack

CVE-2024-42163 HIGH

FIWARE Keyrock <= 8.4 - Inadequate Encryption Strength in Password Reset Token

CVE-2024-21881 HIGH

Enphase Envoy 4.x and 5.x - Authenticated OS Command Execution via Encrypted Package Upload

CVE-2024-40719 MEDIUM

CHANGING TCBServiSign - Weak Authorization Key Server Spoofing

CVE-2024-32758 HIGH

exacqVision Client and Server < 24.06 - Inadequate Encryption Strength

Previous Page 3 of 18 Next

Details

Vulnerabilities 448

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy