Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-24 | CVE-2022-41340 | Improper Verification of Cryptographic Signature vulnerability in Secp256K1-Js Project Secp256K1-Js 1.0.0/1.0.1 The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. | 7.5 |
| 2022-09-02 | CVE-2021-35097 | Improper Verification of Cryptographic Signature vulnerability in Qualcomm products Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.8 |
| 2022-09-02 | CVE-2021-35113 | Improper Verification of Cryptographic Signature vulnerability in Qualcomm products Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 6.8 |
| 2022-08-29 | CVE-2021-40326 | Improper Verification of Cryptographic Signature vulnerability in Foxit PDF Editor, PDF Reader and Phantompdf Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. | 5.5 |
| 2022-08-17 | CVE-2022-28751 | Improper Verification of Cryptographic Signature vulnerability in Zoom Meetings The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. | 7.8 |
| 2022-07-26 | CVE-2022-31206 | Improper Verification of Cryptographic Signature vulnerability in Omron products The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. | 9.8 |
| 2022-07-26 | CVE-2022-31207 | Improper Verification of Cryptographic Signature vulnerability in Omron products The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication. | 9.8 |
| 2022-07-22 | CVE-2022-31172 | Improper Verification of Cryptographic Signature vulnerability in Openzeppelin Contracts OpenZeppelin Contracts is a library for smart contract development. | 7.5 |
| 2022-07-14 | CVE-2022-31156 | Improper Verification of Cryptographic Signature vulnerability in Gradle Gradle is a build tool. | 4.4 |
| 2022-07-01 | CVE-2022-25898 | Improper Verification of Cryptographic Signature vulnerability in Jsrsasign Project Jsrsasign The package jsrsasign before 10.5.25 are vulnerable to Improper Verification of Cryptographic Signature when JWS or JWT signature with non Base64URL encoding special characters or number escaped characters may be validated as valid by mistake. | 9.8 |