Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-26 | CVE-2019-15796 | Improper Verification of Cryptographic Signature vulnerability in multiple products Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. | 4.7 |
| 2020-03-24 | CVE-2019-20597 | Improper Verification of Cryptographic Signature vulnerability in Google Android An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. | 9.1 |
| 2020-03-09 | CVE-2020-2146 | Improper Verification of Cryptographic Signature vulnerability in Jenkins mac Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. | 7.4 |
| 2020-02-20 | CVE-2020-9283 | Improper Verification of Cryptographic Signature vulnerability in multiple products golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. | 7.5 |
| 2020-02-19 | CVE-2020-3138 | Improper Verification of Cryptographic Signature vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to install a malicious file when upgrading. | 6.7 |
| 2020-02-05 | CVE-2020-6174 | Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation the Update Framework TUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature. | 9.8 |
| 2020-01-30 | CVE-2020-7906 | Improper Verification of Cryptographic Signature vulnerability in Jetbrains Rider 2019.3.0 In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. | 7.5 |
| 2020-01-13 | CVE-2020-5390 | Improper Verification of Cryptographic Signature vulnerability in multiple products PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). | 7.5 |
| 2020-01-02 | CVE-2019-14859 | Improper Verification of Cryptographic Signature vulnerability in multiple products A flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. | 9.1 |
| 2019-12-25 | CVE-2019-19962 | Improper Verification of Cryptographic Signature vulnerability in Wolfssl wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. | 7.5 |