Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2021-24020 HIGH

FortiMail 6.2.0-6.2.7 and 6.4.0-6.4.4 - Unauthenticated Cryptographic Signature Bypass via Hash Digest Tampering

CVE-2021-35039 HIGH

Linux kernel <5.12.14 - Signature Verification

CVE-2021-32738 MEDIUM

js-stellar-sdk < 8.2.3 - Improper Authentication in Utils.readChallengeTx

CVE-2021-23993 MEDIUM

Thunderbird < 78.9.1 - Denial of Service via Crafted OpenPGP Key with Invalid Subkey Self Signature

CVE-2021-23992 MEDIUM

Thunderbird < 78.9.1 - OpenPGP Key User ID Spoofing via Invalid Self Signature

CVE-2021-32685 CRITICAL

tEnvoy < 7.0.3 - Improper Verification of Cryptographic Signature in verifyWithMessage Method

CVE-2021-3196 HIGH

Hitachi ID Bravura Security Fabric 11.0.0-11.1.3 12.0.0-12.0.2 12.1.0 - User Impersonation via SAML Injection

CVE-2021-29500 HIGH

bubble_fireworks < 2021.BUILD-SNAPSHOT - Improper Verification of Cryptographic Signature

CVE-2021-33054 HIGH

SOGo <2.4.1, <3.x-5.1.1 - Auth Bypass

CVE-2021-28091 HIGH

Lasso < 2.7.0 - Improper Verification of Cryptographic Signature

CVE-2021-22735 HIGH

homeLYnk Wiser For KNX <V2.60 - RCE

CVE-2021-22734 HIGH

Schneider homeLYnk and spaceLYnk <=2.60 - Remote Code Execution via Signature Bypass

CVE-2021-20487 CRITICAL

IBM Power9 & Scale-Out LC Firmware <fw930.30/op940.20 - Signature Verification Bypass

CVE-2021-22160 CRITICAL

Apache Pulsar < 2.7.1 and 2.7.2 - Unauthenticated Authentication Bypass via JWT None Algorithm

CVE-2021-3445 HIGH

libdnf < 0.60.1 - Remote Code Execution via Altered RPM Package Header

CVE-2021-3421 MEDIUM

rpm < 4.17.0-alpha - RPM Database Corruption via Package Signature Verification Bypass

CVE-2021-29455 HIGH

Grassroot Platform < 1.3.1 - Improper Verification of Cryptographic Signature in JWT Refresh

CVE-2021-29451 CRITICAL

Portofino 5.0.0-5.2.0 - Improper Verification of Cryptographic Signature in JWT

CVE-2021-21405 MEDIUM

Lotus < 1.5.0 - Cryptographic Signature Verification Bypass via BLS Signature Format Confusion

CVE-2021-30246 CRITICAL

jsrsasign <10.1.13 - Info Disclosure

CVE-2021-30130 HIGH

phpseclib <2.0.31, <3.0.7 - Code Injection

CVE-2021-1376 MEDIUM

Cisco IOS XE - Authenticated Arbitrary Code Execution and Secure Boot Bypass via Fast Reload Feature

CVE-2021-1375 MEDIUM

Cisco IOS XE - Authenticated Arbitrary Code Execution and Secure Boot Bypass via Fast Reload Feature

CVE-2021-1453 MEDIUM

Cisco IOS XE for Catalyst 9000 - Unauthenticated Secure Boot Bypass via Improper Image Signature Verification

CVE-2021-3406 CRITICAL

keylime < 5.8.1 - Improper Certificate Validation

Previous Page 19 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy