Cryptographic Issues - Generic (CWE-310)
Improper Certificate Validation (CWE-295)
Improper Following of a Certificate's Chain of Trust (CWE-296)
Inadequate Encryption Strength (CWE-326)
Key Exchange without Entity Authentication (CWE-322)
Missing Required Cryptographic Step (CWE-325)
Reusing a Nonce, Key Pair in Encryption (CWE-323)
Reversible One-Way Hash (CWE-328)
Storing Passwords in a Recoverable Format (CWE-257)
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CWE-338)
Use of Hard-coded Cryptographic Key (CWE-321)
Use of Insufficiently Random Values (CWE-330)
Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
Use of a Key Past its Expiration Date (CWE-324)
Weak Cryptography for Passwords (CWE-261)