Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-13 | CVE-2023-28602 | Improper Verification of Cryptographic Signature vulnerability in Zoom Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic signature vulnerability. | 7.7 |
| 2023-05-30 | CVE-2023-34205 | Improper Verification of Cryptographic Signature vulnerability in Moov Signedxml 1.0.0 In Moov signedxml through 1.0.0, parsing the raw XML (as received) can result in different output than parsing the canonicalized XML. | 9.1 |
| 2023-05-26 | CVE-2023-33185 | Improper Verification of Cryptographic Signature vulnerability in Django-Ses Project Django-Ses Django-SES is a drop-in mail backend for Django. | 5.4 |
| 2023-05-18 | CVE-2022-4418 | Improper Verification of Cryptographic Signature vulnerability in Acronis Cyber Protect Home Office Local privilege escalation due to unrestricted loading of unsigned libraries. | 7.8 |
| 2023-03-24 | CVE-2023-28818 | Improper Verification of Cryptographic Signature vulnerability in Veritas Aptare IT Analytics and Netbackup IT Analytics An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. | 5.3 |
| 2023-03-16 | CVE-2023-28113 | Improper Verification of Cryptographic Signature vulnerability in Russh Project Russh russh is a Rust SSH client and server library. | 5.9 |
| 2023-03-10 | CVE-2022-20929 | Improper Verification of Cryptographic Signature vulnerability in Cisco Enterprise NFV Infrastructure Software A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature verification of upgrade files. | 7.8 |
| 2023-02-28 | CVE-2023-20940 | Improper Verification of Cryptographic Signature vulnerability in Google Android 13.0 In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. | 7.8 |
| 2023-02-16 | CVE-2021-43074 | Improper Verification of Cryptographic Signature vulnerability in Fortinet products An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter. | 4.3 |
| 2023-02-13 | CVE-2023-25718 | Improper Verification of Cryptographic Signature vulnerability in Connectwise Control 19.3.25270.7185/22.9.10032 In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. | 9.8 |