Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-06 | CVE-2021-44878 | Improper Verification of Cryptographic Signature vulnerability in Pac4J If an OpenID Connect provider supports the "none" algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the "idtoken" response type which is not secure and violates the OpenID Core Specification. | 7.5 |
| 2021-12-30 | CVE-2021-20156 | Improper Verification of Cryptographic Signature vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. | 6.5 |
| 2021-12-13 | CVE-2020-16156 | Improper Verification of Cryptographic Signature vulnerability in multiple products CPAN 2.28 allows Signature Verification Bypass. | 7.8 |
| 2021-12-13 | CVE-2020-16154 | Improper Verification of Cryptographic Signature vulnerability in multiple products The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. | 7.8 |
| 2021-11-17 | CVE-2021-0152 | Improper Verification of Cryptographic Signature vulnerability in Intel products Improper verification of cryptographic signature in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2021-11-11 | CVE-2021-34420 | Improper Verification of Cryptographic Signature vulnerability in Zoom Client for Meetings The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. | 7.4 |
| 2021-11-09 | CVE-2021-43568 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Elixir Ecdsa 1.0.0 The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
| 2021-11-09 | CVE-2021-43569 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Dotnet 1.3.2 The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
| 2021-11-09 | CVE-2021-43570 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Java 1.0.0 The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
| 2021-11-09 | CVE-2021-43571 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Node 1.1.2 The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |