Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2021-04-19 CVE-2021-29455 Improper Verification of Cryptographic Signature vulnerability in Grassroot Platform
Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities.
network
low complexity
grassroot CWE-347
5.0
2021-04-16 CVE-2021-29451 Portofino is an open source web development framework. 0.0
2021-04-15 CVE-2021-21405 Improper Verification of Cryptographic Signature vulnerability in Filecoin Lotus
Lotus is an Implementation of the Filecoin protocol written in Go.
network
low complexity
filecoin CWE-347
5.0
2021-04-07 CVE-2021-30246 Improper Verification of Cryptographic Signature vulnerability in Jsrsasign Project Jsrsasign
In the jsrsasign package through 10.1.13 for Node.js, some invalid RSA PKCS#1 v1.5 signatures are mistakenly recognized to be valid.
network
low complexity
jsrsasign-project CWE-347
6.4
2021-04-06 CVE-2020-36285 Improper Verification of Cryptographic Signature vulnerability in Unionpayintl Union PAY
Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in merchants' websites and mobile apps, via a crafted authentication code (MAC) which is generated based on a secret key which is NULL.
network
low complexity
unionpayintl CWE-347
5.0
2021-04-06 CVE-2020-36284 Improper Verification of Cryptographic Signature vulnerability in Unionpayintl Union PAY
Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in merchants' websites and mobile apps, via a crafted authentication code (MAC) which is generated based on a secret key which is NULL.
network
low complexity
unionpayintl CWE-347
5.0
2021-04-06 CVE-2020-23533 Improper Verification of Cryptographic Signature vulnerability in Unionpayintl Union PAY
Union Pay up to 1.2.0, for web based versions contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability, allows attackers to shop for free in merchants' websites and mobile apps, via a crafted authentication code (MAC) which is generated based on a secret key which is NULL.
network
low complexity
unionpayintl CWE-347
5.0
2021-03-24 CVE-2021-1376 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XE
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and boot a malicious software image, or execute unsigned binaries on an affected device.
local
low complexity
cisco CWE-347
7.2
2021-03-24 CVE-2021-1375 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XE
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the underlying operating system, install and boot a malicious software image, or execute unsigned binaries on an affected device.
local
low complexity
cisco CWE-347
7.2
2021-03-24 CVE-2021-1453 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XE
A vulnerability in the software image verification functionality of Cisco IOS XE Software for the Cisco Catalyst 9000 Family of switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time.
local
low complexity
cisco CWE-347
7.2