Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2024-06-09 CVE-2024-37568 Improper Verification of Cryptographic Signature vulnerability in Authlib
lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys.
network
low complexity
authlib CWE-347
7.5
2024-02-08 CVE-2024-1149 Improper Verification of Cryptographic Signature vulnerability in Snowsoftware Snow Inventory Agent
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2.
local
low complexity
snowsoftware CWE-347
5.5
2024-02-08 CVE-2024-1150 Improper Verification of Cryptographic Signature vulnerability in Snowsoftware Snow Inventory Agent
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on Unix allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 7.3.1.
local
low complexity
snowsoftware CWE-347
5.5
2024-01-31 CVE-2024-21917 Improper Verification of Cryptographic Signature vulnerability in Rockwellautomation Factorytalk Services Platform
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory.
network
low complexity
rockwellautomation CWE-347
critical
9.1
2024-01-19 CVE-2024-23680 Improper Verification of Cryptographic Signature vulnerability in Amazon AWS Encryption SDK
AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.
network
low complexity
amazon CWE-347
5.3
2024-01-17 CVE-2023-44077 Improper Verification of Cryptographic Signature vulnerability in Studionetworksolutions Sharebrowser
Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636.
network
low complexity
studionetworksolutions CWE-347
critical
9.8
2024-01-16 CVE-2024-0567 Improper Verification of Cryptographic Signature vulnerability in multiple products
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust.
network
low complexity
gnu fedoraproject netapp debian CWE-347
7.5
2024-01-12 CVE-2016-20021 Improper Verification of Cryptographic Signature vulnerability in Gentoo Portage
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification.
network
low complexity
gentoo CWE-347
critical
9.8
2024-01-11 CVE-2024-21669 Improper Verification of Cryptographic Signature vulnerability in Hyperledger Aries Cloud Agent
Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized identity applications and services running in non-mobile environments.
network
low complexity
hyperledger CWE-347
8.8
2024-01-09 CVE-2023-5347 Improper Verification of Cryptographic Signature vulnerability in Korenix products
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
network
low complexity
korenix CWE-347
critical
9.1