Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-347

CWE-347

Improper Verification of Cryptographic Signature

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

686 vulnerabilities with CWE-347

CVE-2024-13990 CRITICAL

MicroWorld eScan AV - Unauthenticated Remote Code Execution via Update Mechanism Man-in-the-Middle Attack

CVE-2024-49365 HIGH

tiny-secp256k1 < 1.1.7 - Improper Verification of Cryptographic Signature via Buffer.isBuffer Bypass

CVE-2024-36347 MEDIUM

AMD EPYC 7001/7002/7003/9004/4004/9005, Instinct MI300A, Ryzen 5000 - Cryptographic Signature Verification Bypass

CVE-2024-11957 CRITICAL

Kingsoft WPS Office <=12.1.0.18276 - Code Injection

CVE-2024-10237 HIGH

Supermicro MBD-X12DPG-OA6 - Auth Bypass

CVE-2024-56161 HIGH

AMD EPYC 7001/7002/7003/9004 Series - Authenticated CPU Microcode Patch Loader Signature Verification Bypass

CVE-2024-13172 HIGH

Ivanti Endpoint Manager < 2022 SU6 - Remote Code Execution via Cryptographic Issue

CVE-2024-7344 HIGH

Cs-grp Neo Impact < 10.1.024-20241127 - Signature Verification Bypass

CVE-2024-54150 CRITICAL

xmidt-org/cjwt < 2.3.0 - Cryptographic Signature Verification Bypass via Algorithm Confusion

CVE-2024-43106 HIGH

Microsoft Excel 16.83 - Code Injection

CVE-2024-42220 HIGH

Microsoft Outlook 16.83.3 - Library Injection via Cryptographic Signature Verification Bypass

CVE-2024-42004 HIGH

Microsoft Teams 24046.2813.2770.1094 for macOS - Library Injection via Crafted Library

CVE-2024-41165 HIGH

Microsoft Word 16.83 for macOS - Library Injection via Cryptographic Signature Verification Bypass

CVE-2024-41159 HIGH

Microsoft OneNote 16.83 for macOS - Library Injection via Cryptographic Signature Verification Bypass

CVE-2024-41145 HIGH

Microsoft Teams 24046.2813.2770.1094 - Library Injection via WebView.app Helper App

CVE-2024-41138 HIGH

Microsoft Teams 24046.2813.2770.1094 - Library Injection via com.microsoft.teams2.modulehost.app

CVE-2024-39804 HIGH

Microsoft PowerPoint 16.83 for macOS - Library Injection via Cryptographic Signature Verification Bypass

CVE-2024-22461 HIGH

Dell RecoverPoint for VMs 6.0.x - Command Injection

CVE-2024-54126 HIGH

TP-Link Archer C50 < V4_240917 Authenticated Firmware Signature Bypass

CVE-2024-47476 HIGH

Dell NetWorker Management Console <19.11 - Code Injection

CVE-2024-49413 HIGH

SmartSwitch <SMR Dec-2024 Release 1 - Info Disclosure

CVE-2024-52958 HIGH

iota C.ai Conversational Platform <2.1.3 - Code Injection

CVE-2024-53267 MEDIUM

sigstore-java < 1.1.0 - Improper Verification of Cryptographic Signature in KeylessVerifier

CVE-2024-11696 MEDIUM

Mozilla Firefox and Thunderbird - Signature Validation Bypass via Exception Handling

CVE-2024-40592 HIGH

FortiClient MacOS <7.4.0 - Code Injection

Previous Page 9 of 28 Next

Details

Vulnerabilities 686

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy