Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2025-20248 MEDIUM

Cisco IOS XR Software - Privilege Escalation

CVE-2025-52550 HIGH

Copeland E3 Supervisory Controller Firmware < 2.31f01 - Unauthenticated Firmware Forgery via Unsigned Upgrade Packages

CVE-2025-30064 HIGH

CGM CLININET <= 2025.MS2 - Session Generation via Insufficient JWT Verification

CVE-2025-57801 CRITICAL

gnark < 0.14.0 - Signature Malleability via Improper S Value Verification

CVE-2025-55229 MEDIUM

Windows Certificates - Info Disclosure

CVE-2025-4371 MEDIUM

Lenovo 510 FHD - Privilege Escalation

CVE-2025-40758 HIGH

Mendix SAML Module - Signature Validation Account Hijacking

CVE-2025-54982 CRITICAL

Zscaler Authentication Server < 6.2r - Authentication Abuse via SAML Cryptographic Signature Verification

CVE-2025-8454 CRITICAL

devscripts - Improper Verification of Cryptographic Signature in uscan

CVE-2025-43185 MEDIUM

macOS Sequoia <15.6 - Info Disclosure

CVE-2025-54419 CRITICAL

node-saml < 5.1.0 - Authentication Bypass via SAML Assertion Manipulation

CVE-2025-43023 CRITICAL

HP Linux Imaging and Printing Software - Info Disclosure

CVE-2025-54369 CRITICAL

node-saml < 5.1.0 - Improper Verification of Cryptographic Signature

CVE-2025-23364 MEDIUM

TIA Administrator < 3.0.6 - Improper Verification of Cryptographic Signature

CVE-2025-21004 MEDIUM

Samsung Wear OS - Unauthenticated Device Power-Off via Broadcast Receiver Intent

CVE-2025-32977 CRITICAL

Quest KACE SMA <14.1.101 - Info Disclosure

CVE-2025-52556 CRITICAL

rfc3161-client < 1.0.3 - Improper Verification of Cryptographic Signature

CVE-2025-33069 MEDIUM

App Control for Business - Info Disclosure

CVE-2025-47827 MEDIUM KEV

IGEL OS < 11 - Secure Boot Bypass via Improper Cryptographic Signature Verification

CVE-2025-24015 MEDIUM

Deno 1.46.0-2.1.6 - Improper Verification of Cryptographic Signature in AES-GCM

CVE-2025-47949 HIGH

samlify < 2.10.0 - Signature Wrapping Attack via SAML Response Forgery

CVE-2025-47934 HIGH

OpenPGP.js 5.0.1-5.11.2 & 6.0.0-alpha.0-6.1.0 Signature Verification Spoofing

CVE-2025-4658 CRITICAL

OpenPubkey < 0.10.0 and OPKSSH < 0.5.0 - Authentication Bypass via JWS Signature Verification

CVE-2025-3757 CRITICAL

OpenPubkey < 0.10.0 - Authentication Bypass via JWS Signature Verification

CVE-2025-20181 MEDIUM

Cisco IOS for Catalyst 2960X/2960XR/2960CX/3560CX - Authenticated Arbitrary Code Execution via Boot File Tampering

Previous Page 7 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy