Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2022-41340 HIGH

secp256k1-js <1.1.0 - Info Disclosure

CVE-2022-36056 MEDIUM

sigstore/cosign < 1.12.0 - Improper Verification of Cryptographic Signature

CVE-2022-39200 HIGH

Dendrite < 0.9.8 - Improper Verification of Cryptographic Signature via /get_missing_events Endpoint

CVE-2022-2790 MEDIUM

Emerson Electric's Proficy Machine Edition < 9.0.0 - Improper Verification of Cryptographic Signature

CVE-2022-28752 HIGH

Zoom Rooms for Conference Rooms for Windows <5.11.0 - Privilege Esc...

CVE-2022-28751 HIGH

Zoom Client for Meetings <5.11.3 - Privilege Escalation

CVE-2022-28756 HIGH

Zoom Client for Meetings <5.11.5 - Privilege Escalation

CVE-2022-35930 HIGH

PolicyController <0.2.1 - Info Disclosure

CVE-2022-35929 HIGH

sigstore cosign < 1.10.1 - Improper Verification of Cryptographic Signature via Attestation Type Check

CVE-2022-31207 CRITICAL

Omron SYSMAC CS/CJ/CP Series Firmware - Unauthenticated Arbitrary Code Execution via FINS Protocol

CVE-2022-31206 CRITICAL

Omron SYSMAC Nx PLCs < 1.29/1.49 - Unauthenticated Arbitrary Code Execution via Unverified Object Code

CVE-2022-31172 HIGH

OpenZeppelin Contracts <4.7.1 - Code Injection

CVE-2022-31156 MEDIUM

Gradle 6.2.0-7.4.2 - Dependency Verification Bypass via Missing Checksum or Signature

CVE-2022-25898 HIGH

jsrsasign 4.8.0-10.5.24 - Improper Verification of Cryptographic Signature

CVE-2022-1739 MEDIUM

Dominion Voting Systems ImageCast X - Improper Cryptographic Signature Verification

CVE-2022-31053 CRITICAL

Biscuit Authentication Token - Cryptographic Signature Forgery via Gamma-Signature Algorithm

CVE-2022-26510 MEDIUM

InHand Networks InRouter302 V3.5.37 - Code Injection

CVE-2022-24884 CRITICAL

ecdsautils < 0.4.1 - Cryptographic Signature Verification Bypass via Zero Signature Values

CVE-2022-24773 MEDIUM

Forge < 1.3.0 - Improper Verification of Cryptographic Signature

CVE-2022-24772 HIGH

forge < 1.3.0 - Improper Verification of Cryptographic Signature via PKCS#1 v1.5 Padding

CVE-2022-24771 HIGH

forge < 1.3.0 - Improper Verification of Cryptographic Signature

CVE-2022-24759 HIGH

@chainsafe/libp2p-noise <4.1.2, 5.0.3 - Man-in-the-middle

CVE-2022-23610 CRITICAL

wire-server < 2.123.0 - SAML SSO Bypass via DSA Signature Spoofing

CVE-2022-23655 MEDIUM

OctoberCMS < 1.0.475 and 1.1.0-1.1.10 - Unauthenticated Private Key Exfiltration via Unverified Gateway Server

CVE-2022-24115 HIGH

Acronis True Image and Cyber Protect Home Office - Local Privilege Escalation via Unsigned Library Loading

Previous Page 16 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy