Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

687 vulnerabilities with CWE-347

CVE-2017-18122 HIGH

SimpleSAMLphp < 1.14.16 - Signature Validation Bypass via Multiple Signed Assertions

CVE-2017-15090 MEDIUM

PowerDNS Recursor 4.0.0-4.0.6 - Improper Verification of Cryptographic Signature in DNSSEC Validation

CVE-2017-17848 HIGH

Enigmail < 1.9.9 - Cryptographic Signature Spoofing via Multipart/Related Message Handling

CVE-2017-17847 HIGH

Enigmail < 1.9.9 - Cryptographic Signature Spoofing via Attachment Handling

CVE-2017-12333 MEDIUM

Cisco NX-OS System Software - Privilege Escalation

CVE-2017-12331 MEDIUM

Cisco NX-OS System Software - Privilege Escalation

CVE-2017-8190 MEDIUM

FusionSphere OpenStack V100R006C00SPC102(NFV) - Improper Verification of Cryptographic Signature

CVE-2017-8177 MEDIUM

Huawei HiWallet < 5.0.3.100 - APK Hijacking via Missing Cryptographic Signature Verification

CVE-2017-11400 MEDIUM

Belden Tofino Xenon Security Appliance Firmware < 3.1.0 - Improper Verification of Cryptographic Signature

CVE-2017-16853 HIGH

OpenSAML < 2.6.1 - Improper Verification of Cryptographic Signature in DynamicMetadataProvider

CVE-2017-16852 HIGH

Shibboleth Service Provider <2.6.1 - Info Disclosure

CVE-2017-5066 MEDIUM

Google Chrome <58.0.3029 - Info Disclosure

CVE-2017-13083 MEDIUM

Rufus < 2.17 - Improper Certificate Validation in Update Mechanism

CVE-2017-12974 HIGH

Nimbus JOSE+JWT < 4.36 - Invalid Curve Attack via ECKey Construction

CVE-2017-10669 MEDIUM

OSCI Transport Library 1.6.1 (Java) and 1.6 (.NET) - Signature Wrapping via Duplicate IDs

CVE-2017-2423 CRITICAL

iPhone OS < 10.3 and macOS < 10.12.4 - Cryptographic Signature Verification Bypass via Empty Signature

CVE-2017-6445 HIGH

OpenELEC 6.0.3, 7.0.1, 8.0.4 - Missing Encryption of Sensitive Data in Auto-Update Feature

CVE-2016-20021 CRITICAL

Gentoo Portage <3.0.47 - Info Disclosure

CVE-2016-7064 HIGH

pritunl-client < 1.0.1116.6 - Sensitive Information Leakage via Missing Cryptographic Signature Verification

CVE-2016-11044 HIGH

Samsung Android L(5.0/5.1) and M(6.0) - Cryptographic Signature Verification Bypass

CVE-2016-9604 MEDIUM

Linux Kernel < 4.11 - Incorrect Permission Assignment for Critical Resource

CVE-2016-1000342 HIGH

Bouncy Castle JCE Provider <1.55 - Code Injection

CVE-2016-1000338 HIGH

Bouncy Castle JCE Provider <1.55 - Code Injection

CVE-2016-8021 MEDIUM

Intel Security VirusScan Enterprise Linux <2.0.3 - RCE

CVE-2015-3298 HIGH

Yubico ykneo-openpgp <1.0.10 - Info Disclosure

Previous Page 27 of 28 Next

Details

Vulnerabilities 687

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy