Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2020-9226 MEDIUM

HUAWEI P30 Firmware < 10.1.0.135(C00E135R2P11) - Improper Cryptographic Signature Verification

CVE-2020-15091 MEDIUM

Tendermint 0.33.0-0.33.6 - Improper Verification of Cryptographic Signature

CVE-2020-2021 CRITICAL KEV

PAN-OS 8.0.x < 8.0.20 - Unauthenticated SAML Authentication Bypass via Improper Signature Verification

CVE-2020-9047 MEDIUM

exacqVision Web Service < 20.06.3.0 and Enterprise Manager < 20.06.4.0 - Authenticated OS Command Injection

CVE-2020-15302 HIGH

Argent RecoveryManager <0xdc350d09f71c48c5D22fBE2741e4d6A03970E192 ...

CVE-2020-14966 HIGH

jsrsasign < 8.0.18 - Cryptographic Signature Verification Bypass via ECDSA Integer Length Malleability

CVE-2020-14199 MEDIUM

Trezor Model T Firmware < 2.3.1 and Trezor One Firmware < 1.9.1 - Improper Verification of Cryptographic Signature

CVE-2020-13895 HIGH

p5-Crypt-Perl < 0.32 - Improper Verification of Cryptographic Signature

CVE-2020-13810 HIGH

Foxit Reader and PhantomPDF < 9.7.2 - Signature Validation Bypass via Modified File

CVE-2020-13803 HIGH

Foxit PhantomPDF and Reader for Mac < 4.0 - Signature Validation Bypass via Modified File

CVE-2020-3209 MEDIUM

Cisco IOS XE - Unauthenticated Digital Signature Verification Bypass

CVE-2020-12607 HIGH

fastecdsa < 2.1.2 - Improper Verification of Cryptographic Signature

CVE-2020-13415 HIGH

Aviatrix Controller <5.1 - Privilege Escalation

CVE-2020-9753 CRITICAL

Whale Browser Installer < 2.6.88.19 - Improper Verification of Cryptographic Signature

CVE-2020-12244 HIGH

PowerDNS Recursor 4.1.0-4.3.0 - DNSSEC Validation Bypass via NXDOMAIN Response

CVE-2020-12046 MEDIUM

Opto 22 SoftPAC Project <= 9.6 - Unauthenticated Firmware Signature Verification Bypass

CVE-2020-12042 MEDIUM

Opto 22 SoftPAC Project <= 9.6 - Arbitrary File Write via Firmware Update Zip Path Traversal

CVE-2020-5407 HIGH

Spring Security 5.2.0-5.2.3 and 5.3.0-5.3.1 - SAML Signature Wrapping via Assertion Injection

CVE-2020-12692 MEDIUM

OpenStack Keystone <15.0.1-16.0.0 - Info Disclosure

CVE-2020-3308 MEDIUM

Cisco Firepower Threat Defense - Privilege Escalation

CVE-2020-11539 HIGH

Tata Sonata Smart SF Rush 1.12 - Unauthenticated Cleartext Transmission of Sensitive Information

CVE-2020-1026 CRITICAL

MSR JavaScript Cryptography Library - Info Disclosure

CVE-2020-8324 MEDIUM

LenovoAppScenarioPluginSystem <1.2.184.31 - Code Injection

CVE-2020-2146 HIGH

Jenkins Mac Plugin < 1.1.0 - Improper Verification of Cryptographic Signature

CVE-2020-9283 HIGH

golang.org/x/crypto/ssh < 0.0.0-20200220183623-bac4c82f6975 - Denial of Service via Cryptographic Signature Verification

Previous Page 22 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy