Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2021-07-07 CVE-2021-35039 Improper Verification of Cryptographic Signature vulnerability in Linux Kernel
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c.
local
linux CWE-347
6.9
2021-06-24 CVE-2021-23992 Improper Verification of Cryptographic Signature vulnerability in Mozilla Thunderbird
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature.
network
mozilla CWE-347
4.3
2021-06-16 CVE-2021-32685 Improper Verification of Cryptographic Signature vulnerability in Togatech Tenvoy
tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org.
network
low complexity
togatech CWE-347
7.5
2021-06-09 CVE-2021-3196 Improper Verification of Cryptographic Signature vulnerability in Hitachi ID Bravura Security Fabric 12.1.0
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0.
network
low complexity
hitachi CWE-347
6.5
2021-06-04 CVE-2021-29500 Improper Verification of Cryptographic Signature vulnerability in Bubble Fireworks Project Bubble Fireworks
bubble fireworks is an open source java package relating to Spring Framework.
network
low complexity
bubble-fireworks-project CWE-347
5.0
2021-06-04 CVE-2021-28091 Improper Verification of Cryptographic Signature vulnerability in multiple products
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
network
low complexity
entrouvert debian CWE-347
5.0
2021-06-04 CVE-2021-33054 Improper Verification of Cryptographic Signature vulnerability in Inverse Sogo
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives.
network
low complexity
inverse CWE-347
5.0
2021-05-26 CVE-2021-22734 Improper Verification of Cryptographic Signature vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code.
network
low complexity
schneider-electric CWE-347
6.5
2021-05-26 CVE-2021-22735 Improper Verification of Cryptographic Signature vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware
Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.
network
low complexity
schneider-electric CWE-347
6.5
2021-05-26 CVE-2021-20487 Improper Verification of Cryptographic Signature vulnerability in IBM products
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.
network
low complexity
ibm CWE-347
6.5