Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-16 | CVE-2019-10575 | Improper Verification of Cryptographic Signature vulnerability in Qualcomm Sda845 Firmware, Sdm845 Firmware and Sdm850 Firmware Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850 | 7.2 |
| 2020-04-07 | CVE-2016-11044 | Improper Verification of Cryptographic Signature vulnerability in Google Android 5.0/5.1/6.0 An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. | 4.6 |
| 2020-03-30 | CVE-2019-17561 | Improper Verification of Cryptographic Signature vulnerability in multiple products The "Apache NetBeans" autoupdate system does not fully validate code signatures. | 5.0 |
| 2020-03-27 | CVE-2015-7336 | Improper Verification of Cryptographic Signature vulnerability in Lenovo System Update 5.06.0027/5.06.0043/5.07.0008 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 5.0 |
| 2020-03-26 | CVE-2019-15796 | Improper Verification of Cryptographic Signature vulnerability in multiple products Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. | 2.6 |
| 2020-03-09 | CVE-2020-2146 | Improper Verification of Cryptographic Signature vulnerability in Jenkins mac Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. | 7.4 |
| 2020-02-20 | CVE-2020-9283 | Improper Verification of Cryptographic Signature vulnerability in multiple products golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. | 7.5 |
| 2020-02-19 | CVE-2020-3138 | Improper Verification of Cryptographic Signature vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure 3.11.1/3.5.1/3.5.2 A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to install a malicious file when upgrading. | 7.2 |
| 2020-02-05 | CVE-2020-6174 | Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation the Update Framework TUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature. | 7.5 |
| 2020-01-30 | CVE-2020-7906 | Improper Verification of Cryptographic Signature vulnerability in Jetbrains Rider 2019.3.0 In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. | 5.0 |