Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CWE-310 (加密问题) — Vulnerability Class 52

52 vulnerabilities classified as CWE-310 (加密问题). AI Chinese analysis included.

This page documents the aggregation of security vulnerabilities associated with the Common Weakness Enumeration identifier CWE-310, which pertains to Cryptographic Issues involving the improper handling of encryption keys. The content compiled here encompasses a wide array of vulnerabilities that stem from weaknesses in the management, storage, or transmission of cryptographic materials, covering releases and advisories issued between 2015 and 2024. By reviewing this curated dataset, users can effectively track specific vendor advisories to stay informed about emerging risks, gain a deeper understanding of the structural implications of this weakness class across different software ecosystems, and investigate the historical vulnerability patterns of individual products to assess long-term security hygiene. The data focuses exclusively on verified issues where the root cause is linked to key management flaws, such as hardcoding keys, weak key generation, or insufficient protection mechanisms. This resource serves as a neutral reference point for security analysts, developers, and auditors who need to contextualize these defects within broader application security frameworks without promotional bias. Through the systematic collection of public reports and vendor notifications, this aggregation aims to provide clarity on how CWE-310 manifests in real-world scenarios, highlighting the critical need for robust cryptographic practices to prevent unauthorized access and data breaches.

CVE IDTitleCVSSSeverityPublished
CVE-2026-49000 Cryptography Implementation Flaw vulnerability in ZTE ZXUniPOS NDS-LTE product — ZXUniPOS NDS-LTE 7.0 High2026-05-27
CVE-2025-21482 Cryptographic Issues in Core — Snapdragon 7.1 High2025-09-24
CVE-2025-48823 Windows Cryptographic Services Information Disclosure Vulnerability — Windows 10 Version 1507 5.9 Medium2025-07-08
CVE-2025-21422 Cryptographic Issues in Automotive — Snapdragon 7.1 High2025-07-08
CVE-2024-38408 Cryptographic Issues in BT Controller — Snapdragon 8.2 High2024-11-04
CVE-2024-26228 Windows Cryptographic Services Security Feature Bypass Vulnerability — Windows 10 Version 1809 7.8 High2024-04-09
CVE-2024-20690 Windows Nearby Sharing Spoofing Vulnerability — Windows 10 Version 1809 6.5 Medium2024-01-09
CVE-2023-33037 Cryptographic Issues in Automotive — Snapdragon 7.1 High2024-01-02
CVE-2023-44303 Robware RVTools 安全漏洞 — RVTools 7.5 High2023-11-24
CVE-2022-22076 Cryptographic issue in Core — Snapdragon 7.1 High2023-06-06
CVE-2022-45453 Acronis Cyber Protect 加密问题漏洞 — Acronis Cyber Protect 15 7.5 -2023-05-18
CVE-2023-23919 Node.js 安全漏洞 — Node 7.5 -2023-02-23
CVE-2022-40675 Fortinet FortiNAC 加密问题漏洞 — FortiNAC 6.0 Medium2023-02-16
CVE-2022-4610 Click Studios Passwordstate risky encryption — Passwordstate 1.9 Low2022-12-19
CVE-2021-4258 whohas Package Information cleartext transmission — whohas 3.7 Low2022-12-19
CVE-2022-32222 Node.js 代码问题漏洞 — Node 8.2 -2022-07-14
CVE-2022-23719 PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service used to capture security key requests — PingID Windows Login 7.2 High2022-06-30
CVE-2021-41995 PingID Mac Login prior to 1.1 vulnerable to pre-computed dictionary attacks — PingID Mac Login 7.7 High2022-06-30
CVE-2022-23724 PingID Integration for Windows Login MFA Bypass — PingID Integration for Windows Login 6.4 Medium2022-05-04
CVE-2021-42001 PingID Desktop encryption libraries misconfiguration can lead to sensitive data exposure — PingID Desktop 8.0 High2022-04-30
CVE-2021-41994 PingID iOS mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks — PingID Mobile Application 6.6 Medium2022-04-30
CVE-2021-41993 PingID Android mobile application prior to 1.19 vulnerable to pre-computed dictionary attacks — PingID Mobile Application 6.6 Medium2022-04-30
CVE-2021-41992 PingID Windows Login RSA cryptographic weakness with possible offline MFA bypass — PingID Windows Login 7.7 High2022-04-30
CVE-2021-22947 Migration Toolkit For Containers 数据伪造问题漏洞 — https://github.com/curl/curl 5.9 -2021-09-29
CVE-2020-8897 Robustness weakness in AWS KMS and Encryption SDKs — AWS SDK 4.8 Medium2020-11-16
CVE-2020-8150 Nextcloud 加密问题漏洞 — Nextcloud Server 4.4 -2020-11-09
CVE-2020-8173 Nextcloud 加密问题漏洞 — Nextcloud Server 4.9 -2020-10-30
CVE-2020-3389 Cisco Hyperflex HX-Series Software Weak Storage Vulnerability — Cisco HyperFlex HX Data Platform 6.0 -2020-08-26
CVE-2019-3731 Dell RSA BSAFE Micro Edition Suite 信息泄露漏洞 — RSA BSAFE Crypto-C Micro Edition 6.5 -2019-09-30
CVE-2019-3740 DELL RSA BSAFE Crypto-J 加密问题漏洞 — RSA BSAFE Crypto-J 6.5 -2019-09-18

Vulnerabilities classified as CWE-310 (加密问题) represent 52 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.