Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2020-3138 MEDIUM

Cisco Enterprise NFV Infrastructure Software < 3.11.1 Authenticated Code Execution

CVE-2020-6174 CRITICAL

The Update Framework < 0.12.1 - Improper Verification of Cryptographic Signature

CVE-2020-7906 HIGH

JetBrains Rider <2019.3.7 - Info Disclosure

CVE-2020-5390 HIGH

PySAML2 < 5.0.0 - Improper Verification of Cryptographic Signature via XML Signature Wrapping

CVE-2019-8901 MEDIUM

iPadOS < 13.1 - SSH Traffic Interception via Improper Host Key Verification

CVE-2019-1736 MEDIUM

Cisco UCS C-Series Rack Servers - Authenticated UEFI Secure Boot Bypass via Firmware Image Validation Flaw

CVE-2019-10562 HIGH

Qualcomm Snapdragon Firmware - Improper Authentication and Signature Verification in Secure Boot Loader

CVE-2019-20837 HIGH

Foxit Reader and PhantomPDF < 9.5 - Signature Validation Bypass via Modified File

CVE-2019-20834 HIGH

Foxit PhantomPDF < 8.3.10 - Signature Validation Bypass via Modified File

CVE-2019-10575 HIGH

Qualcomm SDA845 SDM845 SDM850 Firmware - Improper Verification of Cryptographic Signature

CVE-2019-17561 HIGH

Apache NetBeans <= 11.2 - Improper Verification of Cryptographic Signature

CVE-2019-15796 MEDIUM

python-apt <= 1.9.3ubuntu2 - Improper Authentication in Version Hash Validation

CVE-2019-20597 CRITICAL

Samsung Android N(7.1) O(8.x) P(9.0) - Unauthenticated Arbitrary Application Access to SPENgesture User-Input Logs

CVE-2019-14859 CRITICAL

python-ecdsa < 0.13.3 - Improper Verification of Cryptographic Signature

CVE-2019-19962 HIGH

wolfssl < 4.3.0 - Fault Injection in RSA Cryptography via wc_SignatureGenerateHash

CVE-2019-16732 HIGH

Petalk AI and PF-103 Firmware - Unencrypted Firmware Upgrade Transmission

CVE-2019-16753 HIGH

DAPS/PIVX <2019-08-26 - Info Disclosure

CVE-2019-3465 HIGH

xmlseclibs < 1.4.2 and 3.0.0-3.0.3 - Authenticated Cryptographic Signature Verification Bypass

CVE-2019-0071 HIGH

Junos OS 18.1R3-S4/18.3R1-S3 on EX2300/EX3400 - Authenticated Privilege Escalation via Veriexec

CVE-2019-16992 HIGH

Keybase 2.13.2 - Improper Verification of Cryptographic Signature

CVE-2019-11755 HIGH

Thunderbird <68.1.1 - Info Disclosure

CVE-2019-12662 MEDIUM

Cisco IOS XE and NX-OS - Authenticated Code Execution via Improper OVA Signature Verification

CVE-2019-12649 MEDIUM

Cisco IOS XE - Authenticated Digital Signature Verification Bypass via Boot Process

CVE-2019-3738 MEDIUM

RSA BSAFE Crypto-J < 6.2.5 - Missing Required Cryptographic Step

CVE-2019-15545 HIGH

libp2p < 0.8.1 - Cryptographic Signature Spoofing

Previous Page 23 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy