57 matches found
EUVD-2026-40126
Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, leading to the replacement of downloaded file with a malicious one. Honeywell also recommends...
Improper Verification of Cryptographic Signature
Overview CoreWCF.Primitives is a port of the service side of Windows Communication Foundation WCF to .NET Core. The goal of this project is to enable existing WCF services to move to .NET Core. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature...
Improper Verification of Cryptographic Signature in com.oviva.telematik:epa4all-client
Impact An attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects u ripukidpenc and uripukidpsig to attacker-controlled URLs. The client then encrypts the SMC-B-signed challenge respons...
GHSA-GQX7-6552-67HF Improper Verification of Cryptographic Signature in com.oviva.telematik:epa4all-client
Impact An attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects u ripukidpenc and uripukidpsig to attacker-controlled URLs. The client then encrypts the SMC-B-signed challenge respons...
CVE-2026-5050
The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 7.0.0 due to successfulrequest handlers calculating a local signature but not validating DsSignature from the request before...
EUVD-2026-21899
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources...
Palo Alto Networks Cortex XSOAR 安全漏洞
Palo Alto Networks Cortex XSOAR is an application software developed by Palo Alto Networks in the United States. It provides a security orchestration, automation, and response platform, along with threat intelligence management and a built-in marketplace. There are security vulnerabilities in Pal...
Improper Verification of Cryptographic Signature
Overview lightrag-hku is a LightRAG: Simple and Fast Retrieval-Augmented Generation Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the validatetoken function. An attacker can gain unauthorized access to protected resources by crafting a JWT...
Improper Verification of Cryptographic Signature
Overview openssl-encrypt is an A package for secure file encryption and decryption based on modern ciphers using heavy-compute-load chaining of hashing and KDF to generate strong encryption password based on users provided password to ensure secure encryption of files Affected versions of this...
PT-2026-25873
Name of the Vulnerable Software and Affected Versions sjcl affected versions not specified Description The software is susceptible to an Improper Verification of Cryptographic Signature issue due to missing point-on-curve validation within the sjcl.ecc.basicKey.publicKey function. An attacker can...
PT-2026-25602
Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication...
Adobe Reader < 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 25.001.21288. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could resul...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jws-3.2.2.tgz
Summary IBM Watson Discovery Cartridge affected by vulnerability in jws-3.2.2.tgz Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION: auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature...
Improper Verification of Cryptographic Signature
Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the VerifyDelegate function. An attacker in control of a compromised TUF repository can bypass signature validation and modify metadata files by setting the signature threshold to 0...
Windows Admin Center Elevation of Privilege Vulnerability
Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally...
CVE-2025-64787
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass...
CVE-2025-64786 Acrobat Reader | Improper Verification of Cryptographic Signature (CWE-347)
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited...
CVE-2025-64787 Acrobat Reader | Improper Verification of Cryptographic Signature (CWE-347)
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass...
PT-2025-50118
Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.0 through 7.6.3 FortiOS versions 7.4.0 through 7.4.8 FortiOS versions 7.2.0 through 7.2.11 FortiOS versions 7.0.0 through 7.0.17 FortiProxy versions 7.6.0 through 7.6.3 FortiProxy versions 7.4.0 through 7.4.10 FortiProxy...
PT-2025-50225
Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 20.005.30793 through 20.005.30803 Acrobat Reader versions 24.001.30264 through 24.001.30273 Acrobat Reader version 25.001.20982 Description The software contains an Improper Verification of Cryptographic Signature issue...