Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2021-07-09 CVE-2021-26100 Improper Verification of Cryptographic Signature vulnerability in Fortinet Fortimail
A missing cryptographic step in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible.
network
low complexity
fortinet CWE-347
7.5
2021-07-07 CVE-2021-35039 Improper Verification of Cryptographic Signature vulnerability in multiple products
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c.
local
low complexity
linux debian CWE-347
7.8
2021-07-02 CVE-2021-32738 Improper Verification of Cryptographic Signature vulnerability in Stellar Js-Stellar-Sdk
js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server.
network
low complexity
stellar CWE-347
6.5
2021-06-24 CVE-2021-23992 Improper Verification of Cryptographic Signature vulnerability in Mozilla Thunderbird
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature.
network
low complexity
mozilla CWE-347
4.3
2021-06-24 CVE-2021-23993 Improper Verification of Cryptographic Signature vulnerability in Mozilla Thunderbird
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent.
network
low complexity
mozilla CWE-347
6.5
2021-06-09 CVE-2021-3196 Improper Verification of Cryptographic Signature vulnerability in Hitachi ID Bravura Security Fabric 12.1.0
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0.
network
low complexity
hitachi CWE-347
8.8
2021-06-04 CVE-2021-28091 Improper Verification of Cryptographic Signature vulnerability in multiple products
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
network
low complexity
entrouvert debian fedoraproject CWE-347
7.5
2021-06-04 CVE-2021-33054 Improper Verification of Cryptographic Signature vulnerability in multiple products
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives.
network
low complexity
inverse debian CWE-347
7.5
2021-05-26 CVE-2021-20487 Improper Verification of Cryptographic Signature vulnerability in IBM products
IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process.
network
low complexity
ibm CWE-347
critical
9.1
2021-05-26 CVE-2021-22160 Improper Verification of Cryptographic Signature vulnerability in Apache Pulsar
If Apache Pulsar is configured to authenticate clients using tokens based on JSON Web Tokens (JWT), the signature of the token is not validated if the algorithm of the presented token is set to "none".
network
low complexity
apache CWE-347
critical
9.8