Vulnerabilities > Improper Verification of Cryptographic Signature
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-28 | CVE-2022-3322 | Improper Verification of Cryptographic Signature vulnerability in Cloudflare Warp Mobile Client Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action. | 7.5 |
| 2022-10-13 | CVE-2022-39300 | Improper Verification of Cryptographic Signature vulnerability in Node Saml Project Node Saml node SAML is a SAML 2.0 library based on the SAML implementation of passport-saml. | 8.1 |
| 2022-10-12 | CVE-2022-39299 | Improper Verification of Cryptographic Signature vulnerability in Passport-Saml Project Passport-Saml Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. | 8.1 |
| 2022-10-10 | CVE-2022-20944 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XE A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. | 6.8 |
| 2022-10-10 | CVE-2022-42010 | Improper Verification of Cryptographic Signature vulnerability in multiple products An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. | 6.5 |
| 2022-09-24 | CVE-2022-41340 | Improper Verification of Cryptographic Signature vulnerability in Secp256K1-Js Project Secp256K1-Js 1.0.0/1.0.1 The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. | 7.5 |
| 2022-09-02 | CVE-2021-35097 | Improper Verification of Cryptographic Signature vulnerability in Qualcomm products Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 6.8 |
| 2022-09-02 | CVE-2021-35113 | Improper Verification of Cryptographic Signature vulnerability in Qualcomm products Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 6.8 |
| 2022-08-29 | CVE-2021-40326 | Improper Verification of Cryptographic Signature vulnerability in Foxit PDF Editor, PDF Reader and Phantompdf Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. | 5.5 |
| 2022-08-17 | CVE-2022-28751 | Improper Verification of Cryptographic Signature vulnerability in Zoom Meetings The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. | 7.8 |