Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-19 | CVE-2020-12244 | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation. | 7.5 |
| 2020-05-14 | CVE-2020-12046 | Improper Verification of Cryptographic Signature vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 5.7 |
| 2020-05-14 | CVE-2020-12042 | Improper Verification of Cryptographic Signature vulnerability in Opto22 Softpac Project 9.6 Opto 22 SoftPAC Project Version 9.6 and prior. | 6.5 |
| 2020-05-13 | CVE-2020-5407 | Improper Verification of Cryptographic Signature vulnerability in Pivotal Software Spring Security Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. | 8.8 |
| 2020-05-06 | CVE-2020-3308 | Improper Verification of Cryptographic Signature vulnerability in Cisco products A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. | 4.9 |
| 2020-04-16 | CVE-2019-10575 | Improper Verification of Cryptographic Signature vulnerability in Qualcomm Sda845 Firmware, Sdm845 Firmware and Sdm850 Firmware Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850 | 7.8 |
| 2020-04-15 | CVE-2020-1026 | Improper Verification of Cryptographic Signature vulnerability in Microsoft Research Javascript Cryptography Library 1.4 A Security Feature Bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library’s Elliptic Curve Cryptography (ECC) implementation.An attacker could potentially abuse these bugs to learn information about a server’s private ECC key (a key leakage attack) or craft an invalid ECDSA signature that nevertheless passes as valid.The security update addresses the vulnerability by fixing the bugs disclosed in the ECC implementation, aka 'MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability'. | 9.8 |
| 2020-04-07 | CVE-2016-11044 | Improper Verification of Cryptographic Signature vulnerability in Google Android 5.0/5.1/6.0 An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. | 7.8 |
| 2020-03-30 | CVE-2019-17561 | Improper Verification of Cryptographic Signature vulnerability in multiple products The "Apache NetBeans" autoupdate system does not fully validate code signatures. | 7.5 |
| 2020-03-27 | CVE-2015-7336 | Improper Verification of Cryptographic Signature vulnerability in Lenovo System Update MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.5 |