Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2023-23928 MEDIUM

reason-jose < 0.8.2 - Improper Verification of Cryptographic Signature in JWS Validation

CVE-2023-22742 MEDIUM

libgit2 < 1.4.5 - Improper Verification of Cryptographic Signature

CVE-2023-24025 HIGH

CRYSTALS-DILITHIUM - Info Disclosure

CVE-2022-31807 MEDIUM

Siemens SIPASS Integrated AC5102 (ACC-G2) and ACC-AP Firmware - Improper Firmware Signature Verification

CVE-2022-3864 MEDIUM

Hitachi Energy Relion 650/670/SAM600-IO Firmware - Denial of Service via Tampered Update Package

CVE-2022-25333 HIGH

Texas Instruments OMAP L138 Firmware - Improper Verification of Cryptographic Signature via SK_LOAD Routine

CVE-2022-4418 HIGH

Acronis Cyber Protect Home Office < 40208 - Local Privilege Escalation via Unsigned Library Loading

CVE-2022-20929 HIGH

Cisco Enterprise NFV Infrastructure Software 3.5.1-4.9.1 - Unauthenticated Cryptographic Signature Verification Bypass

CVE-2022-34459 HIGH

Dell Command | Update, Dell Update, Alienware Update < 4.7 - Cryptographic Signature Verification Bypass

CVE-2022-23334 CRITICAL

Ip-label Newtest < 8.5r0 - Privilege Escalation via Weak Binary Signature Check

CVE-2022-46176 MEDIUM

Cargo < 1.66.1 - Improper Verification of Cryptographic Signature via SSH Host Key

CVE-2022-23540 MEDIUM

jsonwebtoken <=8.5.1 - Signature Validation Bypass via Default 'none' Algorithm

CVE-2022-47549 MEDIUM

OP-TEE < 3.20 - Cryptographic Signature Verification Bypass via Electromagnetic Fault Injection

CVE-2022-23507 MEDIUM

tendermint-light-client < 0.28.0 - Improper Verification of Cryptographic Signature

CVE-2022-41669 HIGH

SGIUtility <V3.3 Hotfix 1 - Code Injection

CVE-2022-41666 HIGH

EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Code Injection

CVE-2022-42793 MEDIUM

iPadOS < 15.7 - Improper Verification of Cryptographic Signature

CVE-2022-39366 CRITICAL

DataHub < 0.8.45 - Authentication Bypass via Missing JWT Signature Verification

CVE-2022-3322 MEDIUM

Cloudflare WARP Mobile Client < 6.14 - Missing Authorization for Lock Warp Switch Bypass

CVE-2022-39300 HIGH

node-saml < 4.0.0 - Improper Verification of Cryptographic Signature

CVE-2022-31123 MEDIUM

Grafana <9.1.8, <8.5.14 - Auth Bypass

CVE-2022-39299 HIGH

passport-saml < 3.2.2 - Authentication Bypass via SAML Signature Verification Flaw

CVE-2022-20944 MEDIUM

Cisco IOS XE for Catalyst 9200 - Unauthenticated Cryptographic Signature Bypass

CVE-2022-42010 MEDIUM

Freedesktop Dbus < 1.12.24 - Signature Verification Bypass

CVE-2022-39237 MEDIUM

sylabs/sif < 2.8.1 - Use of a Broken or Risky Cryptographic Algorithm in Digital Signature Verification

Previous Page 15 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy