Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-20 | CVE-2024-37532 | Improper Verification of Cryptographic Signature vulnerability in IBM Websphere Application Server 8.5.0.0/9.0.0.0 IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation. | 8.8 |
| 2024-06-14 | CVE-2024-21988 | Improper Verification of Cryptographic Signature vulnerability in Netapp Storagegrid StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation. | 5.3 |
| 2024-06-09 | CVE-2024-37568 | Improper Verification of Cryptographic Signature vulnerability in Authlib lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. | 7.5 |
| 2024-02-13 | CVE-2024-21491 | Improper Verification of Cryptographic Signature vulnerability in Svix Svix-Webhooks Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. | 6.5 |
| 2024-02-08 | CVE-2024-1149 | Improper Verification of Cryptographic Signature vulnerability in Snowsoftware Snow Inventory Agent Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow Software Inventory Agent on Windows, Snow Software Inventory Agent on Linux allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 6.12.0; Inventory Agent: through 6.14.5; Inventory Agent: through 6.7.2. | 5.5 |
| 2024-02-08 | CVE-2024-1150 | Improper Verification of Cryptographic Signature vulnerability in Snowsoftware Snow Inventory Agent Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on Unix allows File Manipulation through Snow Update Packages.This issue affects Inventory Agent: through 7.3.1. | 5.5 |
| 2024-01-31 | CVE-2024-21917 | Improper Verification of Cryptographic Signature vulnerability in Rockwellautomation Factorytalk Services Platform A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. | 9.1 |
| 2024-01-19 | CVE-2024-23680 | Improper Verification of Cryptographic Signature vulnerability in Amazon AWS Encryption SDK AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures. | 5.3 |
| 2024-01-17 | CVE-2023-44077 | Improper Verification of Cryptographic Signature vulnerability in Studionetworksolutions Sharebrowser Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636. | 9.8 |
| 2024-01-16 | CVE-2024-0567 | Improper Verification of Cryptographic Signature vulnerability in multiple products A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. | 7.5 |