Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-347 (密码学签名的验证不恰当) — Vulnerability Class 357

357 vulnerabilities classified as CWE-347 (密码学签名的验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-29451 Missing validation of JWT signature in `ManyDesigns/Portofino` — Portofino 9.1 Critical2021-04-16
CVE-2021-21405 BLS Signature "Malleability" — lotus 5.9 Medium2021-04-15
CVE-2021-1375 Cisco IOS XE Software Fast Reload Vulnerabilities — Cisco IOS XE Software 6.7 -2021-03-24
CVE-2021-1376 Cisco IOS XE Software Fast Reload Vulnerabilities — Cisco IOS XE Software 6.7 -2021-03-24
CVE-2021-1453 Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability — Cisco IOS XE Software 6.8 Medium2021-03-24
CVE-2021-3406 CNCF Keylime 信任管理问题漏洞 — keylime 8.2 -2021-02-25
CVE-2021-1366 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability — Cisco AnyConnect Secure Mobility Client 7.8 High2021-02-17
CVE-2021-3033 Prisma Cloud Compute: SAML Authentication Bypass Vulnerability in Console — Prisma Cloud Compute 9.1 Critical2021-02-10
CVE-2021-1136 Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Image Verification Vulnerabilities — Cisco IOS XR Software 6.7 Medium2021-02-04
CVE-2021-1244 Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Image Verification Vulnerabilities — Cisco IOS XR Software 6.7 Medium2021-02-04
CVE-2021-21238 SAML XML Signature wrapping — pysaml2 6.5 Medium2021-01-21
CVE-2021-21239 Open default xmlsec1 key-type preference — pysaml2 6.5 Medium2021-01-21
CVE-2020-26290 Critical security issues in XML encoding in Dex — dex 9.3 Critical2020-12-28
CVE-2020-11093 Authorization bypass in Hyperledger Indy — indy-node 7.5 High2020-12-24
CVE-2020-24439 Acrobat Reader DC for macOS Signature Validation Bypass — Acrobat Reader 2.8 Low2020-11-05
CVE-2020-24429 Acrobat Reader DC for macOS Signature Verification Bypass Could Lead to Privilege Escalation — Acrobat Reader 7.7 High2020-11-05
CVE-2020-15216 Signature Validation Bypass in goxmldsig — goxmldsig 5.3 Medium2020-09-29
CVE-2020-14365 Red Hat Ansible 数据伪造问题漏洞 — ansible 7.1 -2020-09-23
CVE-2019-1736 Multiple Cisco UCS-Based Products UEFI Secure Boot Bypass Vulnerability — Cisco Identity Services Engine Software 6.6 -2020-09-23
CVE-2020-14515 WIBU CodeMeter 数据伪造问题漏洞 — CodeMeter 7.5 -2020-09-16
CVE-2020-10759 fwupd 数据伪造问题漏洞 — fwupd 6.0 -2020-09-15
CVE-2020-15705 GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim — grub2 in Ubuntu 6.4 Medium2020-07-29
CVE-2020-10608 多款OSIsoft产品数据伪造问题漏洞 — OSIsoft PI System multiple products and versions 7.8 -2020-07-24
CVE-2016-7064 Pritunl-client 数据伪造问题漏洞 — pritunl-client-electron 7.5 -2020-07-21
CVE-2020-15093 Improper verification of signature threshold in tough — tough 8.6 High2020-07-09
CVE-2020-15091 Denial of Service in TenderMint — tendermint 6.5 Medium2020-07-02
CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication — PAN-OS 10.0 Critical2020-06-29
CVE-2020-9047 exacqVision Software - Improper Verification of Cryptographic Signature — exacqVision Web Service versions 20.03.2.0 and prior 6.8 Medium2020-06-26
CVE-2020-3209 Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability — Cisco IOS XE Software 3.2.0SG 6.8 -2020-06-03
CVE-2020-9753 Naver Whale Browser Installer 数据伪造问题漏洞 — Whale Browser Installer 9.1 -2020-05-20

Vulnerabilities classified as CWE-347 (密码学签名的验证不恰当) represent 357 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.