Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2021-10-27 CVE-2021-37127 Improper Verification of Cryptographic Signature vulnerability in Huawei products
There is a signature management vulnerability in some huawei products.
network
low complexity
huawei CWE-347
7.2
2021-10-11 CVE-2021-41830 Improper Verification of Cryptographic Signature vulnerability in Apache Openoffice
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source.
network
low complexity
apache CWE-347
7.5
2021-10-11 CVE-2021-41831 Improper Verification of Cryptographic Signature vulnerability in Apache Openoffice
It is possible for an attacker to manipulate the timestamp of signed documents.
network
low complexity
apache CWE-347
5.3
2021-10-11 CVE-2021-41832 Improper Verification of Cryptographic Signature vulnerability in Apache Openoffice
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source.
network
low complexity
apache CWE-347
7.5
2021-09-22 CVE-2021-31841 Improper Verification of Cryptographic Signature vulnerability in Mcafee Agent 5.0.0/5.6.6/5.7.3
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location.
local
low complexity
mcafee CWE-347
7.3
2021-09-22 CVE-2021-37927 Improper Verification of Cryptographic Signature vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.
network
low complexity
zohocorp CWE-347
critical
9.8
2021-09-09 CVE-2021-34708 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system.
local
low complexity
cisco CWE-347
6.7
2021-09-09 CVE-2021-34709 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system.
local
high complexity
cisco CWE-347
6.4
2021-09-08 CVE-2021-3051 Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Cortex Xsoar
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server.
network
high complexity
paloaltonetworks CWE-347
8.1
2021-09-08 CVE-2021-1849 Improper Verification of Cryptographic Signature vulnerability in Apple products
An issue in code signature validation was addressed with improved checks.
network
low complexity
apple CWE-347
7.5