Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-20568 | Improper Verification of Cryptographic Signature vulnerability in multiple products Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution. | 6.7 |
| 2023-11-13 | CVE-2023-5747 | Improper Verification of Cryptographic Signature vulnerability in Hanwhavision products Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. | 8.8 |
| 2023-10-27 | CVE-2023-34058 | Improper Verification of Cryptographic Signature vulnerability in multiple products VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | 7.5 |
| 2023-10-23 | CVE-2023-28796 | Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector 1.3/1.3.0.31/1.3.1 Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. | 7.8 |
| 2023-10-23 | CVE-2023-28804 | Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105 | 5.3 |
| 2023-10-23 | CVE-2023-46324 | Improper Verification of Cryptographic Signature vulnerability in Free5Gc UDM pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. | 7.5 |
| 2023-09-27 | CVE-2023-43660 | Improper Verification of Cryptographic Signature vulnerability in Warpgate Project Warpgate Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. | 8.1 |
| 2023-08-31 | CVE-2023-41744 | Improper Verification of Cryptographic Signature vulnerability in Acronis Agent and Cyber Protect Local privilege escalation due to unrestricted loading of unsigned libraries. | 7.8 |
| 2023-08-31 | CVE-2023-28801 | Improper Verification of Cryptographic Signature vulnerability in Zscaler Internet Access Admin Portal 6.2 An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r. | 9.8 |
| 2023-08-29 | CVE-2023-23772 | Improper Verification of Cryptographic Signature vulnerability in Motorola Mbts Site Controller Firmware R05.32.58 Motorola MBTS Site Controller fails to check firmware update authenticity. | 8.8 |