CWE-310(Cryptographic Issues)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2026-49000 | 2026-05-27 | An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage… |
| CVE-2026-7847 | 2026-05-05 | A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_route… |
| CVE-2026-7610 | 2026-05-02 | A vulnerability has been found in TRENDnet TEW-821DAP 1.12B01. This affects an unknown function of the file /www/cgi/ssi of the component Firmware Update. Such manipulation leads to cleartext transmis… |
| CVE-2026-5682 | 2026-04-06 | A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation lead… |
| CVE-2026-4584 | 2026-03-23 | A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. This affects an unknown part of the component Cardholder Data Handler. Executing a manipulation can lead to cleartext transmissio… |
| CVE-2025-15603 | 2026-03-09 | A security vulnerability has been detected in open-webui up to 0.6.16. Affected is an unknown function of the file backend/start_windows.bat of the component JWT Key Handler. Such manipulation of the … |
| CVE-2026-2671 | 2026-03-07 | A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. Performing a manipulation resu… |
| CVE-2026-2966 | 2026-02-23 | A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipul… |
| CVE-2026-2618 | 2026-02-17 | A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is pos… |
| CVE-2025-11640 | 2025-10-12 | A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. This affects an unknown function of the component Bluetooth Low Energy. The manipulation results in cleartext transmission of sensitive i… |
| CVE-2025-21482 | 2025-09-24 | Cryptographic issue while performing RSA PKCS padding decoding. |
| CVE-2017-20200 | 2025-09-23 | A vulnerability has been found in Coinomi up to 1.7.6. This issue affects some unknown processing. Such manipulation leads to cleartext transmission of sensitive information. The attack can be launche… |
| CVE-2025-10776 | 2025-09-22 | A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sens… |
| CVE-2025-10671 | 2025-09-18 | A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. Impacted is the function encryptSecret of the file e-learning-master\exam-api\src\main\java\com\yf\exam\ability\shiro\jwt\J… |
| CVE-2025-9828 | 2025-09-02 | A vulnerability was determined in Tenda CP6 11.10.00.243. The affected element is the function sub_2B7D04 of the component uhttp. Executing manipulation can lead to risky cryptographic algorithm. The … |
| CVE-2025-9513 | 2025-08-27 | A flaw has been found in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument priv_ke… |
| CVE-2025-9239 | 2025-08-20 | A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of … |
| CVE-2025-9146 | 2025-08-19 | A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to … |
| CVE-2025-8763 | 2025-08-09 | A vulnerability was found in Ruijie EG306MG 3.0(1)B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. Th… |
| CVE-2025-8741 | 2025-08-08 | A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation lea… |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Maintenance_Notes, Relationships, Relationship_Notes, Taxonomy_Mappings |
| 2009-07-27 | CWE Content Team | 1.5 | — | updated Maintenance_Notes, Relationship_Notes, Relationships |
| 2009-10-29 | CWE Content Team | 1.6 | — | updated Relationships |
| 2010-02-16 | CWE Content Team | 1.8 | — | updated References |
| 2013-07-17 | CWE Content Team | 2.5 | — | updated Relationships |
| 2014-02-18 | CWE Content Team | 2.6 | — | updated Related_Attack_Patterns |
| 2015-12-07 | CWE Content Team | 2.9 | — | updated Relationships |
| 2017-01-19 | CWE Content Team | 2.10 | — | updated Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Applicable_Platforms, Functional_Areas, References, Related_Attack_Patterns, Relationship_Notes |
| 2018-03-27 | CWE Content Team | 3.1 | — | updated References, Relationships |
| 2019-06-20 | CWE Content Team | 3.3 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Description, Maintenance_Notes, Relationships |
| 2021-10-28 | CWE Content Team | 4.6 | — | updated Relationships |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated Maintenance_Notes, References |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |