Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-08 | CVE-2024-1149 | Improper Verification of Cryptographic Signature vulnerability in Snowsoftware Snow Inventory Agent Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2. | 5.5 |
| 2024-02-08 | CVE-2024-1150 | Improper Verification of Cryptographic Signature vulnerability in Snowsoftware Snow Inventory Agent Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on Unix allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 7.3.1. | 5.5 |
| 2024-01-31 | CVE-2024-21917 | Improper Verification of Cryptographic Signature vulnerability in Rockwellautomation Factorytalk Services Platform A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. | 9.1 |
| 2024-01-19 | CVE-2024-23680 | Improper Verification of Cryptographic Signature vulnerability in Amazon AWS Encryption SDK AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures. | 5.3 |
| 2024-01-17 | CVE-2023-44077 | Improper Verification of Cryptographic Signature vulnerability in Studionetworksolutions Sharebrowser Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636. | 9.8 |
| 2024-01-16 | CVE-2024-0567 | Improper Verification of Cryptographic Signature vulnerability in GNU Gnutls A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. | 7.5 |
| 2024-01-12 | CVE-2016-20021 | Improper Verification of Cryptographic Signature vulnerability in Gentoo Portage In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. | 9.8 |
| 2024-01-11 | CVE-2024-21669 | Improper Verification of Cryptographic Signature vulnerability in Hyperledger Aries Cloud Agent Hyperledger Aries Cloud Agent Python (ACA-Py) is a foundation for building decentralized identity applications and services running in non-mobile environments. | 8.8 |
| 2024-01-09 | CVE-2023-5347 | Improper Verification of Cryptographic Signature vulnerability in Korenix products An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01. | 9.1 |
| 2024-01-04 | CVE-2022-3864 | Improper Verification of Cryptographic Signature vulnerability in Hitachienergy products A vulnerability exists in the Relion update package signature validation. | 4.5 |