Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-8190 | Improper Verification of Cryptographic Signature vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv) FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. | 6.7 |
| 2017-11-22 | CVE-2017-8177 | Improper Verification of Cryptographic Signature vulnerability in Huawei Hiwallet Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. | 5.3 |
| 2017-11-20 | CVE-2017-11400 | Improper Verification of Cryptographic Signature vulnerability in Belden Tofino Xenon Security Appliance Firmware 3.1.0 An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. | 6.8 |
| 2017-11-16 | CVE-2017-16853 | Improper Verification of Cryptographic Signature vulnerability in multiple products The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka CPPOST-105. | 8.1 |
| 2017-11-16 | CVE-2017-16852 | Improper Verification of Cryptographic Signature vulnerability in multiple products shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka SSPCPP-763. | 8.1 |
| 2017-10-27 | CVE-2017-5066 | Improper Verification of Cryptographic Signature vulnerability in multiple products Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page. | 6.5 |
| 2017-08-20 | CVE-2017-12974 | Improper Verification of Cryptographic Signature vulnerability in Connect2Id Nimbus Jose+Jwt Nimbus JOSE+JWT before 4.36 proceeds with ECKey construction without ensuring that the public x and y coordinates are on the specified curve, which allows attackers to conduct an Invalid Curve Attack in environments where the JCE provider lacks the applicable curve validation. | 7.5 |
| 2017-06-30 | CVE-2017-10669 | Improper Verification of Cryptographic Signature vulnerability in Xoev Osci Transport Library 1.6/1.6.1 Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). | 6.5 |
| 2017-05-16 | CVE-2014-9934 | Improper Verification of Cryptographic Signature vulnerability in Google Android A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | 7.8 |
| 2017-04-02 | CVE-2017-2423 | Improper Verification of Cryptographic Signature vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 9.8 |