Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-347 (密码学签名的验证不恰当) — Vulnerability Class 357

357 vulnerabilities classified as CWE-347 (密码学签名的验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2020-36843 EdDSA-Java 安全漏洞 — ed25519-java 4.3 Medium2025-03-13
CVE-2025-25292 Ruby SAML vulnerable to SAML authentication bypass due to namespace handling (parser differential) — ruby-saml 9.8 -2025-03-12
CVE-2025-25291 ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential) — ruby-saml 9.8 -2025-03-12
CVE-2025-20143 Cisco IOS XR Software Secure Boot Bypass Vulnerability — Cisco IOS XR Software 6.7 Medium2025-03-12
CVE-2025-2233 Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability — SmartThings 8.8 -2025-03-11
CVE-2025-27773 SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding — saml2 8.6 High2025-03-11
CVE-2025-24043 WinDbg Remote Code Execution Vulnerability — WinDbg 7.5 High2025-03-11
CVE-2025-20206 Cisco Secure Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability — Cisco Secure Client 7.1 High2025-03-05
CVE-2024-11957 Arbitrary Code Execution in WPS Office — WPS Office 7.8 -2025-03-04
CVE-2025-27498 AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure — AEADs 7.5 -2025-03-03
CVE-2023-25574 JupyterHub's LTI13Authenticator: JWT signature not validated — ltiauthenticator 10.0 Critical2025-02-25
CVE-2024-10237 SMC BMC Firmware Image Authentication Design Issue — MBD-X12DPG-OA6 7.2 High2025-02-04
CVE-2024-56161 AMD SEV-SNP 安全漏洞 — AMD EPYC™ 7001 Series 7.2 High2025-02-03
CVE-2025-23369 Improper Verification of Cryptographic Signature in GitHub Enterprise Server Allows Signature Spoofing by Improper Validation — Enterprise Server 7.5 -2025-01-21
CVE-2025-23206 IAM OIDC custom resource allows connection to unauthorized OIDC provider in aws-cdk — aws-cdk 8.1 -2025-01-17
CVE-2024-13172 Ivanti EPM 数据伪造问题漏洞 — Endpoint Manager 7.8 High2025-01-14
CVE-2024-54150 Algorithm Confusion Vulnerability in cjwt — cjwt 9.1 -2024-12-19
CVE-2024-43106 Microsoft Office 安全漏洞 — Excel 7.1 High2024-12-18
CVE-2024-42220 Microsoft Office 安全漏洞 — Outlook 7.1 High2024-12-18
CVE-2024-42004 Microsoft Teams 安全漏洞 — Teams (work or school) 7.1 High2024-12-18
CVE-2024-41165 Microsoft Office 安全漏洞 — Word 7.1 High2024-12-18
CVE-2024-41159 Microsoft Office 安全漏洞 — OneNote 7.1 High2024-12-18
CVE-2024-41145 Microsoft Teams 安全漏洞 — Teams (work or school) 7.1 High2024-12-18
CVE-2024-41138 Microsoft Teams 安全漏洞 — Teams (work or school) 7.1 High2024-12-18
CVE-2024-39804 Microsoft Office PowerPoint 安全漏洞 — PowerPoint 7.1 High2024-12-18
CVE-2024-22461 Dell RecoverPoint for Virtual Machines 数据伪造问题漏洞 — RecoverPoint for Virtual Machines 8.8 High2024-12-13
CVE-2024-47476 Dell NetWorker Management Console 安全漏洞 — NetWorker Management Console 7.8 High2024-12-03
CVE-2024-52958 iota C.ai Conversational Platform - Improper Verification of Cryptographic Signature — iota C.ai Conversational Platform 8.0AIHighAI2024-11-27
CVE-2024-53267 Vulnerability with bundle verification in sigstore-java — sigstore-java 5.5 Medium2024-11-26
CVE-2021-1461 Cisco SD-WAN Software Signature Verification Bypass Vulnerability — Cisco Catalyst SD-WAN Manager 4.9 Medium2024-11-18

Vulnerabilities classified as CWE-347 (密码学签名的验证不恰当) represent 357 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.