Vulnerabilities > Improper Verification of Cryptographic Signature
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-07 | CVE-2020-26122 | Improper Verification of Cryptographic Signature vulnerability in Inspur products Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. | 7.2 |
2020-12-02 | CVE-2020-26244 | Improper Verification of Cryptographic Signature vulnerability in Python Openid Connect Project Python Openid Connect Python oic is a Python OpenID Connect implementation. | 6.8 |
2020-11-30 | CVE-2020-29438 | Improper Verification of Cryptographic Signature vulnerability in Tesla Model X Firmware Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. | 6.5 |
2020-11-09 | CVE-2020-8133 | Improper Verification of Cryptographic Signature vulnerability in Nextcloud Server 19.0.1 A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file. | 5.3 |
2020-11-02 | CVE-2020-28045 | Improper Verification of Cryptographic Signature vulnerability in PAX Prolinos 2.4.161.8859R An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. | 7.8 |
2020-11-02 | CVE-2020-28042 | Improper Verification of Cryptographic Signature vulnerability in Servicestack ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature. | 5.3 |
2020-10-29 | CVE-2020-11488 | Improper Verification of Cryptographic Signature vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution. | 6.7 |
2020-10-27 | CVE-2019-8901 | Improper Verification of Cryptographic Signature vulnerability in Apple Ipados and Iphone OS This issue was addressed by verifying host keys when connecting to a previously-known SSH server. | 6.5 |
2020-10-21 | CVE-2020-15240 | Improper Verification of Cryptographic Signature vulnerability in Auth0 Omniauth-Auth0 2.3.0/2.3.1/2.4.0 omniauth-auth0 (rubygems) versions >= 2.3.0 and < 2.4.1 improperly validate the JWT token signature when using the `jwt_validator.verify` method. | 9.1 |
2020-10-02 | CVE-2020-12676 | Improper Verification of Cryptographic Signature vulnerability in Fusionauth Samlv2 0.2.3 FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack". | 9.1 |