Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-24 | CVE-2020-13101 | Improper Verification of Cryptographic Signature vulnerability in Oasis-Open Oasis Digital Signature Services 1.0 In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i.e., trigger either a valid or invalid outcome for a valid or invalid signature) via a crafted XML signature, when the InlineXML option is used. | 7.5 |
| 2020-08-21 | CVE-2020-10126 | Improper Verification of Cryptographic Signature vulnerability in NCR Aptra XFS 05.01.00 NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because while booting, the update process looks for CAB archives on removable media and executes a specific file without first validating the signature of the CAB archive. | 7.6 |
| 2020-08-08 | CVE-2020-15827 | Improper Verification of Cryptographic Signature vulnerability in Jetbrains Toolbox 1.17/1.17.6802 In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signature verifications omitted the jetbrains-toolbox.exe file. | 7.5 |
| 2020-07-30 | CVE-2020-15957 | Improper Verification of Cryptographic Signature vulnerability in Dp3T-Backend-Software Development KIT Project Dp3T-Backend-Software Development KIT An issue was discovered in DP3T-Backend-SDK before 1.1.1 for Decentralised Privacy-Preserving Proximity Tracing (DP3T). | 7.5 |
| 2020-07-29 | CVE-2020-15705 | Improper Verification of Cryptographic Signature vulnerability in multiple products GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. | 6.4 |
| 2020-07-24 | CVE-2020-10608 | Improper Verification of Cryptographic Signature vulnerability in Osisoft products In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. | 7.8 |
| 2020-07-21 | CVE-2016-7064 | Improper Verification of Cryptographic Signature vulnerability in Pritunl Pritunl-Client A flaw was found in pritunl-client before version 1.0.1116.6. | 7.5 |
| 2020-07-09 | CVE-2020-15093 | Improper Verification of Cryptographic Signature vulnerability in Amazon Tough The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. | 8.6 |
| 2020-07-06 | CVE-2020-9226 | Improper Verification of Cryptographic Signature vulnerability in Huawei P30 Firmware HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. | 5.5 |
| 2020-07-02 | CVE-2020-15091 | Improper Verification of Cryptographic Signature vulnerability in Tendermint TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. | 6.5 |