Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-03 | CVE-2021-30066 | Improper Verification of Cryptographic Signature vulnerability in multiple products On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed. | 6.8 |
| 2022-03-30 | CVE-2015-3298 | Improper Verification of Cryptographic Signature vulnerability in Yubico Ykneo-Openpgp 1.0.9 Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. | 8.8 |
| 2022-03-04 | CVE-2021-20319 | Improper Verification of Cryptographic Signature vulnerability in Redhat Coreos-Installer 0.10.0 An improper signature verification vulnerability was found in coreos-installer. | 7.8 |
| 2022-03-04 | CVE-2021-43392 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. | 6.2 |
| 2022-03-04 | CVE-2021-43393 | Improper Verification of Cryptographic Signature vulnerability in ST J-Safe3 Firmware and Stsafe-J Firmware STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. | 6.2 |
| 2022-02-09 | CVE-2021-40045 | Improper Verification of Cryptographic Signature vulnerability in Huawei Emui, Harmonyos and Magic UI There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2022-02-04 | CVE-2022-24115 | Improper Verification of Cryptographic Signature vulnerability in Acronis Cyber Protect Home Office and True Image Local privilege escalation due to unrestricted loading of unsigned libraries. | 7.8 |
| 2022-01-28 | CVE-2022-21134 | Improper Verification of Cryptographic Signature vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 A firmware update vulnerability exists in the "update" firmware checks functionality of reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-06 | CVE-2021-44878 | Improper Verification of Cryptographic Signature vulnerability in Pac4J If an OpenID Connect provider supports the "none" algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the "idtoken" response type which is not secure and violates the OpenID Core Specification. | 7.5 |
| 2021-12-30 | CVE-2021-20156 | Improper Verification of Cryptographic Signature vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. | 6.5 |