Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-18 | CVE-2019-1010279 | Improper Verification of Cryptographic Signature vulnerability in Oisf Suricata Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. | 5.0 |
| 2019-07-17 | CVE-2019-1010263 | Improper Verification of Cryptographic Signature vulnerability in Perl Crypt::Jwt Project Perl Crypt::Jwt Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. | 7.5 |
| 2019-07-02 | CVE-2019-13177 | Improper Verification of Cryptographic Signature vulnerability in Django-Rest-Registration Project Django-Rest-Registration verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. | 7.5 |
| 2019-07-02 | CVE-2019-10136 | Improper Verification of Cryptographic Signature vulnerability in Redhat Satellite and Spacewalk It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. | 4.3 |
| 2019-06-04 | CVE-2019-5300 | Improper Verification of Cryptographic Signature vulnerability in Huawei products There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. | 4.6 |
| 2019-05-22 | CVE-2019-11841 | Improper Verification of Cryptographic Signature vulnerability in multiple products A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. | 5.9 |
| 2019-05-21 | CVE-2019-12269 | Improper Verification of Cryptographic Signature vulnerability in Enigmail Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text. | 7.5 |
| 2019-05-16 | CVE-2019-8338 | Improper Verification of Cryptographic Signature vulnerability in Gpg-Pgp Project Gpg-Pgp 1.0/1.0(9) The signature verification routine in the Airmail GPG-PGP Plugin, versions 1.0 (9) and earlier, does not verify the status of the signature at all, which allows remote attackers to spoof arbitrary email signatures by crafting a signed email with an invalid signature. | 4.3 |
| 2019-05-16 | CVE-2018-12556 | Improper Verification of Cryptographic Signature vulnerability in Yarnpkg Website The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only verifies that the yarn release is signed by any (arbitrary) key in the local keyring of the user, and does not pin the signature to the yarn release key, which allows remote attackers to sign tampered yarn release packages with their own key. | 4.3 |
| 2019-05-15 | CVE-2019-1813 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. | 6.7 |