Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2024-49394 MEDIUM

mutt and neomutt - Cryptographic Signature Bypass via In-Reply-To Header Spoofing

CVE-2024-49393 MEDIUM

mutt and neomutt - Improper Verification of Cryptographic Signature in To and Cc Headers

CVE-2024-47073 CRITICAL

DataEase < 2.10.2 - Improper Verification of Cryptographic Signature for JWT Tokens

CVE-2024-51526 HIGH

HarmonyOS - Improper Verification of Cryptographic Signature in Hidebug Module

CVE-2024-50347 MEDIUM

Laravel Reverb < 1.4.0 - Improper Verification of Cryptographic Signature in Pusher-compatible API

CVE-2024-8036 MEDIUM

ABB Automation Products - Crafted Firmware/Config Denial of Service or Takeover

CVE-2024-48948 MEDIUM

elliptic < 6.6.0 - Improper Verification of Cryptographic Signature via ECDSA Hash Truncation

CVE-2024-47943 CRITICAL

Rittal IoT Interface & CMC III Processing Unit - Code Injection

CVE-2024-8531 HIGH

Data Center Expert - Code Injection

CVE-2024-9487 CRITICAL

GitHub Enterprise Server < 3.11.16 - SAML SSO Authentication Bypass via Cryptographic Signature Verification

CVE-2024-48949 CRITICAL

elliptic < 6.5.6 - Improper Verification of Cryptographic Signature in ECDSA Verify Function

CVE-2024-47832 CRITICAL

SSOReady <7f92a06 - XML Signature Bypass

CVE-2024-23960 MEDIUM

Alpine Halo9 - Improper Verification of Cryptographic Signature in Firmware Metadata

CVE-2024-7481 HIGH

TeamViewer <15.58.4 - Privilege Escalation

CVE-2024-7479 HIGH

TeamViewer <15.58.4 - Privilege Escalation

CVE-2024-8698 HIGH

Keycloak SAML Core < 22.0.13 - Improper Verification of Cryptographic Signature in XMLSignatureUtil

CVE-2024-7788 HIGH

LibreOffice 24.2.0-24.2.4 - Digital Signature Forgery via Zip Repair Mode

CVE-2024-45607 MEDIUM

whatsapp-api-js 4.0.0-4.0.2 - Improper Verification of Cryptographic Signature in verifyRequestSignature

CVE-2024-45409 CRITICAL

ruby-saml <=1.12.2 and 1.13.0-1.16.0 - Unauthenticated SAML Signature Verification Bypass

CVE-2024-38807 MEDIUM

Spring Boot Loader 2.7.0-2.7.21, 3.0.0-3.0.16, 3.1.0-3.1.12, 3.2.0-3.2.8, 3.3.0-3.3.2 - Signature Forgery

CVE-2024-6800 CRITICAL

GitHub Enterprise Server 3.10.0-3.10.15 - Unauthenticated XML Signature Wrapping via SAML Federation Metadata

CVE-2024-23460 MEDIUM

Zscaler Client Connector < 4.2 - Unauthenticated Arbitrary Code Execution via Unsigned Installer

CVE-2024-23456 HIGH

Zscaler Client Connector < 4.2.0.190 - Improper Verification of Cryptographic Signature

CVE-2024-42461 CRITICAL

elliptic 6.5.6 - Improper Verification of Cryptographic Signature via BER-Encoded ECDSA Signatures

CVE-2024-42459 MEDIUM

elliptic 6.5.6 - Improper Verification of Cryptographic Signature via Missing EDDSA Length Check

Previous Page 10 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy