CVEs classified under CWE-757, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2024-4995 — CVSS 9.8 (critical): Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication…
CVE-2024-38883 — CVSS 9.1 (critical): An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker…
CVE-2019-14887 — CVSS 9.1 (critical): A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't…
CVE-2024-8773: SIMPLE.ERP client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication…
CVE-2018-25029 — CVSS 8.1 (high): The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within…
CVE-2025-10693: When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join the network as a non-secure device. This…
CVE-2026-32650 — CVSS 7.5 (high): Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials…
CVE-2022-23000 — CVSS 7.3 (high): The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules…
CVE-2019-16791 — CVSS 6.9 (medium): In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade…
CVE-2026-2673 — CVSS 6.5 (medium): Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group…
CVE-2024-20069 — CVSS 6.5 (medium): In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead…
CVE-2023-2974 — CVSS 6.5 (medium): A vulnerability was found in quarkus-core. This vulnerability occurs because the TLS protocol configured with quarkus.http.ssl.protocols is…
CVE-2021-36326 — CVSS 6.5 (medium): Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote…
CVE-2020-16200 — CVSS 6.5 (medium): Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not properly control the allocation and maintenance of a limited…
CVE-2017-9267 — CVSS 6.5 (medium): In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used…
CVE-2026-6092 — CVSS 5.3 (medium): When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC.
CVE-2026-1677 — CVSS 5.3 (medium): Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig…
CVE-2025-36582 — CVSS 4.8 (medium): Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')…
CVE-2026-6550 — CVSS 4.7 (medium): Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version…
CVE-2025-59270 — CVSS 3.1 (low): psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication…