Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-02 | CVE-2017-18122 | Improper Verification of Cryptographic Signature vulnerability in multiple products A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. | 6.8 |
| 2018-01-23 | CVE-2017-15090 | Improper Verification of Cryptographic Signature vulnerability in Powerdns Recursor An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. | 4.3 |
| 2018-01-13 | CVE-2018-0486 | Improper Verification of Cryptographic Signature vulnerability in multiple products Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD. | 6.4 |
| 2018-01-04 | CVE-2018-0114 | Improper Verification of Cryptographic Signature vulnerability in Cisco Node-Jose A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. | 5.0 |
| 2017-12-27 | CVE-2017-17848 | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue was discovered in Enigmail before 1.9.9. | 5.0 |
| 2017-12-27 | CVE-2017-17847 | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue was discovered in Enigmail before 1.9.9. | 7.5 |
| 2017-11-30 | CVE-2017-12333 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. | 4.6 |
| 2017-11-30 | CVE-2017-12331 | Improper Verification of Cryptographic Signature vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. | 7.2 |
| 2017-11-22 | CVE-2017-8190 | Improper Verification of Cryptographic Signature vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv) FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. | 4.6 |
| 2017-11-22 | CVE-2017-8177 | Improper Verification of Cryptographic Signature vulnerability in Huawei Hiwallet Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. | 5.0 |