Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-23 | CVE-2019-5592 | Improper Verification of Cryptographic Signature vulnerability in Fortinet Fortios IPS Engine Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position. | 5.9 |
| 2019-08-22 | CVE-2019-9154 | Improper Verification of Cryptographic Signature vulnerability in Openpgpjs Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to pass off unsigned data as signed. | 7.5 |
| 2019-08-22 | CVE-2019-9153 | Improper Verification of Cryptographic Signature vulnerability in Openpgpjs Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature. | 7.5 |
| 2019-08-14 | CVE-2019-10201 | Improper Verification of Cryptographic Signature vulnerability in Redhat Keycloak and Single Sign-On It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. | 8.1 |
| 2019-08-13 | CVE-2019-5299 | Improper Verification of Cryptographic Signature vulnerability in Huawei Hima-Al00B Firmware 9.0.0.200(C00E200R2P1) Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. | 7.8 |
| 2019-08-02 | CVE-2017-18407 | Improper Verification of Cryptographic Signature vulnerability in Cpanel cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279). | 4.8 |
| 2019-07-25 | CVE-2019-2278 | Improper Verification of Cryptographic Signature vulnerability in Qualcomm products User keystore signature is ignored in boot and can lead to bypass boot image signature verification in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in MDM9607, MDM9640, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SDM660 | 7.8 |
| 2019-07-25 | CVE-2019-1010161 | Improper Verification of Cryptographic Signature vulnerability in Perl-Crypt-Jwt Project Perl-Crypt-Jwt perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. | 9.8 |
| 2019-07-18 | CVE-2019-1010279 | Improper Verification of Cryptographic Signature vulnerability in Oisf Suricata Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. | 7.5 |
| 2019-07-17 | CVE-2019-1010263 | Improper Verification of Cryptographic Signature vulnerability in Perl Crypt::Jwt Project Perl Crypt::Jwt Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. | 9.8 |