Skip to main content

CWE-1204

Generation of Weak Initialization Vector (IV)

3 CVEs Avg CVSS 6.5 MITRE
0
CRITICAL
1
HIGH
2
MEDIUM
0
LOW
1
POC
0
KEV

Monthly

CVE-2025-0714 MEDIUM POC This Month

The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2022-26083 HIGH This Week

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via. Rated high severity (CVSS 7.5). No vendor patch available.

Intel Information Disclosure Integrated Performance Primitives Cryptography
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-2747 MEDIUM This Month

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Gecko Software Development Kit
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
EPSS 0% CVSS 6.5
MEDIUM POC This Month

The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via. Rated high severity (CVSS 7.5). No vendor patch available.

Intel Information Disclosure Integrated Performance Primitives Cryptography
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Gecko Software Development Kit
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy