Vulnerabilities > Improper Verification of Cryptographic Signature
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-13 | CVE-2020-16156 | Improper Verification of Cryptographic Signature vulnerability in multiple products CPAN 2.28 allows Signature Verification Bypass. | 7.8 |
2021-12-13 | CVE-2020-16154 | Improper Verification of Cryptographic Signature vulnerability in multiple products The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. | 7.8 |
2021-11-17 | CVE-2021-0152 | Improper Verification of Cryptographic Signature vulnerability in Intel products Improper verification of cryptographic signature in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
2021-11-11 | CVE-2021-34420 | Improper Verification of Cryptographic Signature vulnerability in Zoom Client for Meetings The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. | 7.4 |
2021-11-09 | CVE-2021-43568 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Elixir Ecdsa 1.0.0 The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
2021-11-09 | CVE-2021-43569 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Dotnet 1.3.2 The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
2021-11-09 | CVE-2021-43570 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Java 1.0.0 The verify function in the Stark Bank Java ECDSA library (ecdsa-java) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
2021-11-09 | CVE-2021-43571 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Node 1.1.2 The verify function in the Stark Bank Node.js ECDSA library (ecdsa-node) 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
2021-11-09 | CVE-2021-43572 | Improper Verification of Cryptographic Signature vulnerability in Starkbank Ecdsa-Python The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | 9.8 |
2021-11-05 | CVE-2021-39909 | Improper Verification of Cryptographic Signature vulnerability in Gitlab Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE starting from 11.3 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker to bypass CODEOWNERS Merge Request approval requirement under rare circumstances | 5.3 |