Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-327 (使用已被攻破或存在风险的密码学算法) — Vulnerability Class 254

254 vulnerabilities classified as CWE-327 (使用已被攻破或存在风险的密码学算法). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-68701 Jervis has Deterministic AES IV Derivation from Passphrase — jervis 6.5AIMediumAI2026-01-13
CVE-2025-68698 Jervis has an RSA PKCS#1 v1.5 Padding Vulnerability — jervis 7.5AIHighAI2026-01-13
CVE-2026-20833 Windows Kerberos Information Disclosure Vulnerability — Windows Server 2008 R2 Service Pack 1 5.5 Medium2026-01-13
CVE-2026-21444 libtpms returns wrong initialization vector when certain symmetric ciphers are used — libtpms 5.5 Medium2026-01-02
CVE-2025-14175 Weak Algorithm Support in SSH Server on TL-WR820N — TL-WR820N v2.8 6.5 -2025-12-29
CVE-2021-47712 Kentico Xperience <= 12.0.102 URL Hashing Cryptography Vulnerability — Xperience 7.5 High2025-12-18
CVE-2025-14764 Amazon S3 Encryption Client 安全漏洞 — S3 Encryption Client for Go 5.3 Medium2025-12-17
CVE-2025-14763 Amazon S3 Encryption Client 安全漏洞 — S3 Encryption Client for Java 5.3 Medium2025-12-17
CVE-2025-14762 AWS SDK for Ruby 安全漏洞 — AWS SDK for Ruby 5.3 Medium2025-12-17
CVE-2025-14761 Amazon AWS SDK for PHP 安全漏洞 — AWS SDK for PHP 5.3 Medium2025-12-17
CVE-2025-14760 AWS SDK for C++ 安全漏洞 — AWS SDK for C++ 5.3 Medium2025-12-17
CVE-2025-14759 Amazon S3 Encryption Client for .NET 安全漏洞 — S3 Encryption Client for .NET 5.3 Medium2025-12-17
CVE-2025-54981 Apache StreamPark: Weak Encryption Algorithm in StreamPark — Apache StreamPark 7.5AIHighAI2025-12-12
CVE-2025-66017 CGGMP21 presignatures can be used in the way that significantly reduces security — cggmp21 7.5AIHighAI2025-11-25
CVE-2025-36150 IBM Concert Information Disclosure — Concert 5.9 Medium2025-11-24
CVE-2025-36161 IBM Concert Software Information Disclosure — Concert 5.9 Medium2025-11-20
CVE-2025-9317 AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm — Edge 8.4 High2025-11-14
CVE-2025-64429 DuckDB Encryption Crypto implementation is vulnerable — duckdb 9.1 -2025-11-12
CVE-2025-43723 Dell PowerScale OneFS 加密问题漏洞 — PowerScale OneFS 5.9 Medium2025-11-10
CVE-2025-34519 Ilevia EVE X1 Server 4.7.18.0.eden Insecure Hashing Algorithm — EVE X1 Server 9.1AICriticalAI2025-10-16
CVE-2025-43909 Dell PowerProtect Data Domain 加密问题漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 3.7 Low2025-10-07
CVE-2025-43913 Dell PowerProtect Data Domain 加密问题漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 5.3 Medium2025-10-07
CVE-2025-43891 Dell PowerProtect Data Domain 加密问题漏洞 — PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release 5.3 Medium2025-10-07
CVE-2025-34208 Vasion Print (formerly PrinterLogic) Insecure Password Hashing — Print Virtual Appliance Host 7.5AIHighAI2025-10-02
CVE-2025-59745 Multiple vulnerabilities in AndSoft's e-TMS — e-TMS 9.8 -2025-10-02
CVE-2025-59484 AutomationDirect CLICK PLUS Use of a Broken or Risky Cryptographic Algorithm — CLICK PLUS C0-0x CPU firmware 8.3 High2025-09-23
CVE-2024-45671 IBM Security Verify Information Queue information disclosure — Security Verify Information Queue 5.9 Medium2025-09-10
CVE-2025-9828 Tenda CP6 uhttp sub_2B7D04 risky encryption — CP6 3.7 Low2025-09-02
CVE-2025-33084 IBM Concert Software information disclosure — Concert Software 5.9 Medium2025-09-01
CVE-2025-33102 IBM Concert Software information disclosure — Concert Software 5.9 Medium2025-09-01

Vulnerabilities classified as CWE-327 (使用已被攻破或存在风险的密码学算法) represent 254 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.