The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not …

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocol…

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine stat…

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of u…

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, whic…

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute …

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss …

Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote att…

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can mo…

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build …

The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 thro…

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side…

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel at…

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles…

Information from SSL-encrypted sessions via PKCS #1.

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of…

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (comp…

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not ver…

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption…

ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption ope…

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcompone…

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel …

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).…

The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of…

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an a…

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithm…

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure i…

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen …

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen …

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an inf…

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-lev…

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Or…

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equiv…

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than …

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version …

Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, wh…

GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1…

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar a…

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is con…

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, W…