Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-347 (密码学签名的验证不恰当) — Vulnerability Class 357

357 vulnerabilities classified as CWE-347 (密码学签名的验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-20929 Cisco Enterprise NFV Infrastructure Software 数据伪造问题漏洞 — Cisco Enterprise NFV Infrastructure Software 7.8 High2023-03-08
CVE-2021-43074 Fortinet FortiSwitch和FortiWeb数据伪造问题漏洞 — FortiSwitch 4.1 Medium2023-02-16
CVE-2023-23940 OpenZeppelin Contracts for Cairo is vulnerable to signature validation bypass — cairo-contracts 6.4 Medium2023-02-03
CVE-2022-34459 多款Dell产品 数据伪造问题漏洞 — Dell Command Update (DCU) 7.8 High2023-02-01
CVE-2023-23928 reason-jose ignores signature checks — reason-jose 5.9 Medium2023-02-01
CVE-2023-22742 libgit2 fails to verify SSH keys by default — libgit2 5.3 Medium2023-01-20
CVE-2022-46176 Cargo did not verify SSH host keys — cargo 5.3 Medium2023-01-11
CVE-2022-23507 Light client verification not taking into account chain ID — tendermint-rs 5.4 Medium2022-12-15
CVE-2022-41666 Schneider Electric EcoStruxure Operator Terminal Expert 数据伪造问题漏洞 — EcoStruxure Operator Terminal Expert 7.0 High2022-11-04
CVE-2022-41669 Schneider Electric EcoStruxure Operator Terminal Expert 数据伪造问题漏洞 — EcoStruxure Operator Terminal Expert 7.0 High2022-11-04
CVE-2022-31123 Grafana plugin signature bypass vulnerability — grafana 6.1 Medium2022-10-13
CVE-2022-39300 Signature bypass via multiple root elements in node-SAML — node-saml 7.7 High2022-10-13
CVE-2022-39299 Signature bypass via multiple root elements in Passport-SAML — passport-saml 7.4 High2022-10-12
CVE-2022-20944 Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability — Cisco IOS XE Software 6.1 Medium2022-10-10
CVE-2022-39237 Digital Signature Hash Algorithms Not Validated in sylabs/sif — sif 6.3 Medium2022-10-06
CVE-2022-36056 Vulnerabilities with blob verification in sigstore cosign — cosign 5.5 Medium2022-09-14
CVE-2022-39200 Signature checks not applied to some retrieved missing events — dendrite 7.3 High2022-09-12
CVE-2021-3521 Red Hat Enterprise Linux 数据伪造问题漏洞 — RPM 5.3 -2022-08-22
CVE-2022-2790 Emerson Proficy Machine Edition 数据伪造问题漏洞 — Proficy Machine Edition 5.9 Medium2022-08-19
CVE-2022-28752 Local Privilege Escalation in the Zoom Rooms for Windows Client — Zoom Room for Conference Room for Windows 8.8 High2022-08-17
CVE-2022-28751 Local Privilege Escalation in Zoom Client for Meetings for MacOS — Zoom Client for Meetings for MacOS 8.8 High2022-08-17
CVE-2022-28756 Local Privilege Escalation in Auto Updater for Zoom Client for Meetings for macOS — Zoom Client for Meetings for MacOS 8.8 High2022-08-15
CVE-2022-35930 Ability to bypass attestation verification in sigstore PolicyController — policy-controller 7.1 High2022-08-04
CVE-2022-35929 False positive signature verification in cosign — cosign 7.1 High2022-08-04
CVE-2020-35169 Dell BSAFE 输入验证错误漏洞 — Dell BSAFE Crypto-C Micro Edition 9.1 Critical2022-07-11
CVE-2022-1739 2.2.1 IMPROPER VERIFICATION OF CRYPTOGRAPHIC SIGNATURE CWE-347 — ImageCast X firmware 6.8 -2022-06-24
CVE-2022-31053 Signature forgery in Biscuit — biscuit 9.8 Critical2022-06-13
CVE-2022-26510 InHand Networks InRouter302 数据伪造问题漏洞 — InRouter302 6.5 -2022-05-12
CVE-2022-24884 Trivial signature forgery in ecdsautils — ecdsautils 10.0 Critical2022-05-05
CVE-2021-22573 Incorrect signature verification on Google-oauth-java-client — Google-oauth-java-client 8.7 High2022-05-03

Vulnerabilities classified as CWE-347 (密码学签名的验证不恰当) represent 357 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.