Lucene search
K

57 matches found

EUVD
EUVD
added 4 days ago5 views

EUVD-2026-40126

Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, leading to the replacement of downloaded file with a malicious one. Honeywell also recommends...

5.8CVSS5.8AI score0.00083EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/19 8:46 p.m.6 views

Improper Verification of Cryptographic Signature

Overview CoreWCF.Primitives is a port of the service side of Windows Communication Foundation WCF to .NET Core. The goal of this project is to enable existing WCF services to move to .NET Core. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature...

8.2CVSS5.9AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/15 6:30 p.m.13 views

Improper Verification of Cryptographic Signature in com.oviva.telematik:epa4all-client

Impact An attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects u ripukidpenc and uripukidpsig to attacker-controlled URLs. The client then encrypts the SMC-B-signed challenge respons...

7.4CVSS5.8AI score0.00118EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/05/15 6:30 p.m.5 views

GHSA-GQX7-6552-67HF Improper Verification of Cryptographic Signature in com.oviva.telematik:epa4all-client

Impact An attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects u ripukidpenc and uripukidpsig to attacker-controlled URLs. The client then encrypts the SMC-B-signed challenge respons...

7.4CVSS5.8AI score0.00118EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/16 5:29 a.m.5 views

CVE-2026-5050

The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 7.0.0 due to successfulrequest handlers calculating a local signature but not validating DsSignature from the request before...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/13 9:31 a.m.7 views

EUVD-2026-21899

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources...

9.2CVSS5.8AI score0.00236EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.4 views

Palo Alto Networks Cortex XSOAR 安全漏洞

Palo Alto Networks Cortex XSOAR is an application software developed by Palo Alto Networks in the United States. It provides a security orchestration, automation, and response platform, along with threat intelligence management and a built-in marketplace. There are security vulnerabilities in Pal...

9.2CVSS7.3AI score0.00236EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/08 12:17 a.m.5 views

Improper Verification of Cryptographic Signature

Overview lightrag-hku is a LightRAG: Simple and Fast Retrieval-Augmented Generation Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the validatetoken function. An attacker can gain unauthorized access to protected resources by crafting a JWT...

9.3CVSS5.8AI score0.00154EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/01 9:11 p.m.2 views

Improper Verification of Cryptographic Signature

Overview openssl-encrypt is an A package for secure file encryption and decryption based on modern ciphers using heavy-compute-load chaining of hashing and KDF to generate strong encryption password based on users provided password to ensure secure encryption of files Affected versions of this...

8.8CVSS5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.7 views

PT-2026-25873

Name of the Vulnerable Software and Affected Versions sjcl affected versions not specified Description The software is susceptible to an Improper Verification of Cryptographic Signature issue due to missing point-on-curve validation within the sjcl.ecc.basicKey.publicKey function. An attacker can...

8.7CVSS5.8AI score0.00246EPSS
Exploits1References16
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-25602

Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication...

5.3CVSS5.9AI score0.00256EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.5 views

Adobe Reader < 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 25.001.21288. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could resul...

7.8CVSS6.4AI score0.00352EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 8:23 p.m.10 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jws-3.2.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in jws-3.2.2.tgz Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION: auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature...

7.5CVSS5.4AI score0.00193EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2026/01/22 3:45 a.m.5 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the VerifyDelegate function. An attacker in control of a compromised TUF repository can bypass signature validation and modify metadata files by setting the signature threshold to 0...

8.2CVSS5.5AI score0.00196EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.8 views

Windows Admin Center Elevation of Privilege Vulnerability

Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally...

7.5CVSS6.9AI score0.00209EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/11 5:3 a.m.5 views

CVE-2025-64787

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass...

4CVSS6.4AI score0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 8:21 p.m.26 views

CVE-2025-64786 Acrobat Reader | Improper Verification of Cryptographic Signature (CWE-347)

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited...

3.3CVSS0.00373EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 8:21 p.m.23 views

CVE-2025-64787 Acrobat Reader | Improper Verification of Cryptographic Signature (CWE-347)

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass...

3.3CVSS0.00381EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.9 views

PT-2025-50118

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.0 through 7.6.3 FortiOS versions 7.4.0 through 7.4.8 FortiOS versions 7.2.0 through 7.2.11 FortiOS versions 7.0.0 through 7.0.17 FortiProxy versions 7.6.0 through 7.6.3 FortiProxy versions 7.4.0 through 7.4.10 FortiProxy...

10CVSS7.6AI score0.65825EPSS
Exploits1References269
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.5 views

PT-2025-50225

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 20.005.30793 through 20.005.30803 Acrobat Reader versions 24.001.30264 through 24.001.30273 Acrobat Reader version 25.001.20982 Description The software contains an Improper Verification of Cryptographic Signature issue...

4CVSS6.6AI score0.00373EPSS
Exploits0References8
Rows per page
Query Builder