Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-29 | CVE-2020-15705 | Improper Verification of Cryptographic Signature vulnerability in multiple products GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. | 6.4 |
| 2020-07-24 | CVE-2020-10608 | Improper Verification of Cryptographic Signature vulnerability in Osisoft products In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. | 7.8 |
| 2020-07-21 | CVE-2016-7064 | Improper Verification of Cryptographic Signature vulnerability in Pritunl Pritunl-Client A flaw was found in pritunl-client before version 1.0.1116.6. | 7.5 |
| 2020-07-09 | CVE-2020-15093 | Improper Verification of Cryptographic Signature vulnerability in Amazon Tough The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. | 8.6 |
| 2020-07-06 | CVE-2020-9226 | Improper Verification of Cryptographic Signature vulnerability in Huawei P30 Firmware HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. | 5.5 |
| 2020-07-02 | CVE-2020-15091 | Improper Verification of Cryptographic Signature vulnerability in Tendermint TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. | 6.5 |
| 2020-06-29 | CVE-2020-2021 | Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Pan-Os When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. | 10.0 |
| 2020-06-26 | CVE-2020-9047 | Improper Verification of Cryptographic Signature vulnerability in Johnsoncontrols products A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. | 7.2 |
| 2020-06-25 | CVE-2020-15302 | Improper Verification of Cryptographic Signature vulnerability in Argent Recoverymanager In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery function does not require any signatures in the zero-guardian case, which allows attackers to cause a denial of service (locking) or a takeover. | 7.5 |
| 2020-06-22 | CVE-2020-14966 | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. | 7.5 |