Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2025-66568 CRITICAL

ruby-saml < 1.18.0 - Authentication Bypass via Signature Wrapping Attack

CVE-2025-66567 CRITICAL

ruby-saml < 1.18.0 - Authentication Bypass via Signature Wrapping Attack

CVE-2025-13662 HIGH

Ivanti Endpoint Manager < 2024 SU4 SR1 - Remote Code Execution via Signature Bypass

CVE-2025-65945 HIGH

auth0/node-jws <4.0.0 - Improper Signature Verification

CVE-2025-40934 CRITICAL

XML-Sig 0.27-0.67 - Improper Verification of Cryptographic Signature via Omitted Signature

CVE-2025-34324 HIGH

GoSign Desktop < 2.4.1 - Arbitrary Code Execution via Unsigned Update Manifest

CVE-2025-64740 HIGH

Zoom Workplace VDI Client < 6.3.14 Privilege Escalation via Signature Bypass

CVE-2025-64186 HIGH

evervault-go < 1.3.2 - Improper Verification of Cryptographic Signature in Attestation Logic

CVE-2025-64456 HIGH

JetBrains ReSharper < 2025.2.4 - Local Privilege Escalation via Missing DPA Collector Signature Verification

CVE-2025-55278 HIGH

HCL DevOps Loop >=1.0.2 <1.0.2 - Improper Verification of Cryptographic Signature in API Authentication Middleware

CVE-2025-43468 MEDIUM

macOS < 14.8.2, < 15.7.2, < 26.1 - Unprotected User Data Exposure via Cryptographic Signature Verification Downgrade

CVE-2025-43390 MEDIUM

macOS <15.7.2-26.1 - Info Disclosure

CVE-2025-54549 MEDIUM

Cryptographic validation bypass - Info Disclosure

CVE-2025-58356 HIGH

Constellation - Cryptographic Vulnerability

CVE-2025-12295 MEDIUM

D-Link DAP-2695 2.00RC13 - Insufficient Verification of Data Authenticity in Firmware Update Handler

CVE-2025-34503 HIGH

Deck Mate 1 - Unauthenticated Arbitrary Code Execution via EEPROM Firmware Replacement

CVE-2025-34500 HIGH

Deck Mate 2 < all known versions prior to 2025-10-23 - Arbitrary Code Execution via Insecure Firmware Update Chain

CVE-2025-55039 MEDIUM

Apache Spark <4.0.0-3.5.2-3.4.4 - Info Disclosure

CVE-2025-59288 MEDIUM

Playwright < 1.55.1 - Improper Verification of Cryptographic Signature

CVE-2025-46774 HIGH

FortiClient MacOS <7.4.2, <7.2.9, All - Privilege Escalation

CVE-2025-9485 CRITICAL

WordPress OAuth Client <6.26.12 - RCE

CVE-2025-59934 CRITICAL

formbricks < 4.0.1 - Unauthenticated Authentication Bypass via JWT Signature Verification Missing

CVE-2025-7937 HIGH

Supermicro MBD-X12STW - Code Injection

CVE-2025-6198 HIGH

Supermicro MBD-X13SEM-F - Code Injection

CVE-2025-59334 CRITICAL

Linkr < 2.0.1 - Arbitrary File Injection via Tampered Manifest

Previous Page 6 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy