Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2022-07-01 CVE-2022-25898 Improper Verification of Cryptographic Signature vulnerability in Jsrsasign Project Jsrsasign
The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT signature with non Base64URL encoding special characters or number escaped characters may be validated as valid by mistake.
network
low complexity
jsrsasign-project CWE-347
7.5
2022-06-24 CVE-2022-1739 Improper Verification of Cryptographic Signature vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32
The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate.
local
low complexity
dominionvoting CWE-347
7.2
2022-06-13 CVE-2022-31053 Improper Verification of Cryptographic Signature vulnerability in multiple products
Biscuit is an authentication and authorization token for microservices architectures.
network
low complexity
biscuitsec clever-cloud CWE-347
7.5
2022-05-12 CVE-2022-26510 Improper Verification of Cryptographic Signature vulnerability in Inhandnetworks Ir302 Firmware 3.5.37
A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37.
network
low complexity
inhandnetworks CWE-347
4.0
2022-05-06 CVE-2022-24884 Improper Verification of Cryptographic Signature vulnerability in multiple products
ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify).
5.0
2022-05-03 CVE-2021-22573 Improper Verification of Cryptographic Signature vulnerability in Google Oauth Client Library for Java
The vulnerability is that IDToken verifier does not verify if token is properly signed.
network
google CWE-347
3.5
2022-04-14 CVE-2020-25166 Improper Verification of Cryptographic Signature vulnerability in Bbraun Datamodule Compactplus and Spacecom
An improper verification of the cryptographic signature of firmware updates of the B.
network
low complexity
bbraun CWE-347
7.5
2022-04-04 CVE-2021-32977 Improper Verification of Cryptographic Signature vulnerability in Aveva System Platform 2020
AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data.
network
low complexity
aveva CWE-347
6.5
2022-04-03 CVE-2021-30066 Improper Verification of Cryptographic Signature vulnerability in multiple products
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed.
local
low complexity
belden schneider-electric CWE-347
7.2
2022-03-30 CVE-2015-3298 Improper Verification of Cryptographic Signature vulnerability in Yubico Ykneo-Openpgp
Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used.
low complexity
yubico CWE-347
5.8