Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2018-18688 | Improper Verification of Cryptographic Signature vulnerability in multiple products The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. network low complexity code-industry foxitsoftware gonitro iskysoft libreoffice nuance qoppa soft-xpansion CWE-347 | 5.3 |
| 2020-12-09 | CVE-2020-28086 | Improper Verification of Cryptographic Signature vulnerability in Zx2C4 Password-Store pass through 1.7.3 has a possibility of using a password for an unintended resource. | 7.5 |
| 2020-12-07 | CVE-2020-26122 | Improper Verification of Cryptographic Signature vulnerability in Inspur products Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. | 7.2 |
| 2020-12-02 | CVE-2020-26244 | Improper Verification of Cryptographic Signature vulnerability in Python Openid Connect Project Python Openid Connect Python oic is a Python OpenID Connect implementation. | 6.8 |
| 2020-11-30 | CVE-2020-29438 | Improper Verification of Cryptographic Signature vulnerability in Tesla Model X Firmware Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. | 6.5 |
| 2020-11-09 | CVE-2020-8133 | Improper Verification of Cryptographic Signature vulnerability in Nextcloud Server 19.0.1 A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file. | 5.3 |
| 2020-11-02 | CVE-2020-28045 | Improper Verification of Cryptographic Signature vulnerability in PAX Prolinos 2.4.161.8859R An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. | 7.8 |
| 2020-11-02 | CVE-2020-28042 | Improper Verification of Cryptographic Signature vulnerability in Servicestack ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature. | 5.3 |
| 2020-10-29 | CVE-2020-11488 | Improper Verification of Cryptographic Signature vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution. | 6.7 |
| 2020-10-27 | CVE-2019-8901 | Improper Verification of Cryptographic Signature vulnerability in Apple Ipados and Iphone OS This issue was addressed by verifying host keys when connecting to a previously-known SSH server. | 6.5 |