Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2021-02-25 CVE-2021-3406 A flaw was found in keylime 5.8.1 and older. 0.0
2021-02-17 CVE-2021-1366 Improper Verification of Cryptographic Signature vulnerability in Cisco Anyconnect Secure Mobility Client
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client.
local
cisco CWE-347
6.9
2021-02-10 CVE-2021-3033 Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Prisma Cloud
An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console.
network
low complexity
paloaltonetworks CWE-347
7.5
2021-02-09 CVE-2021-21474 Improper Verification of Cryptographic Signature vulnerability in SAP Hana Database 1.00/2.00
SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database.
network
low complexity
sap CWE-347
5.5
2021-02-04 CVE-2021-1244 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device.
local
low complexity
cisco CWE-347
4.6
2021-02-04 CVE-2021-1136 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device.
local
low complexity
cisco CWE-347
4.6
2021-01-26 CVE-2020-27540 Improper Verification of Cryptographic Signature vulnerability in Company Cs-C2Shw Firmware 5.0.082.1
Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1.
network
low complexity
company CWE-347
7.5
2021-01-21 CVE-2021-21239 Improper Verification of Cryptographic Signature vulnerability in Pysaml2 Project Pysaml2
PySAML2 is a pure python implementation of SAML Version 2 Standard.
4.3
2021-01-21 CVE-2021-21238 Improper Verification of Cryptographic Signature vulnerability in Pysaml2 Project Pysaml2
PySAML2 is a pure python implementation of SAML Version 2 Standard.
4.3
2021-01-07 CVE-2018-18689 Improper Verification of Cryptographic Signature vulnerability in multiple products
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures.
5.0