Vulnerabilities > Improper Verification of Cryptographic Signature

DATE CVE VULNERABILITY TITLE RISK
2020-06-16 CVE-2020-14199 Improper Verification of Cryptographic Signature vulnerability in Satoshilabs Trezor Model T Firmware and Trezor ONE Firmware
BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which allows attackers to trick a user into making two signatures in certain cases, potentially leading to a huge transaction fee.
network
low complexity
satoshilabs CWE-347
6.5
2020-06-07 CVE-2020-13895 Improper Verification of Cryptographic Signature vulnerability in P5-Crypt-Perl Project P5-Crypt-Perl
Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1.
network
low complexity
p5-crypt-perl-project CWE-347
8.8
2020-06-04 CVE-2019-20837 Improper Verification of Cryptographic Signature vulnerability in Foxitsoftware Phantompdf
An issue was discovered in Foxit Reader and PhantomPDF before 9.5.
network
low complexity
foxitsoftware CWE-347
7.5
2020-06-04 CVE-2019-20834 Improper Verification of Cryptographic Signature vulnerability in Foxitsoftware Phantompdf
An issue was discovered in Foxit PhantomPDF before 8.3.10.
network
low complexity
foxitsoftware CWE-347
7.5
2020-06-04 CVE-2020-13810 Improper Verification of Cryptographic Signature vulnerability in Foxitsoftware Reader
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2.
network
low complexity
foxitsoftware CWE-347
7.5
2020-06-04 CVE-2020-13803 Improper Verification of Cryptographic Signature vulnerability in Foxitsoftware Phantompdf and Reader
An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for Mac before 4.0.
network
low complexity
foxitsoftware CWE-347
7.5
2020-06-03 CVE-2020-3209 Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XE
A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device.
low complexity
cisco CWE-347
6.8
2020-06-02 CVE-2020-12607 Improper Verification of Cryptographic Signature vulnerability in Antonkueltz Fastecdsa
An issue was discovered in fastecdsa before 2.1.2.
network
low complexity
antonkueltz CWE-347
7.5
2020-05-22 CVE-2020-13415 Improper Verification of Cryptographic Signature vulnerability in Aviatrix Controller
An issue was discovered in Aviatrix Controller through 5.1.
network
low complexity
aviatrix CWE-347
7.5
2020-05-20 CVE-2020-9753 Improper Verification of Cryptographic Signature vulnerability in Naver Whale Browser Installer
Whale Browser Installer before 1.2.0.5 versions don't support signature verification for Flash installer.
network
low complexity
naver CWE-347
critical
9.1