VYPR

CWE-347

Improper Verification of Cryptographic Signature

Base · Draft

Description

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-463 · CAPEC-475

CVEs mapped to this weakness (357)

page 4 of 18
  • CVE-2026-34872 · Cri · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values…

  • CVE-2026-33026 · Cri · Mar 30, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4.

  • CVE-2024-54150 · Cri · Dec 19, 2024
    risk 0.52 · cvss 9.1 · epss 0.00

    cjwt is a C JSON Web Token (JWT) Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between signing methods. If the system doesn't differentiate between an HMAC signed…

  • CVE-2018-7685 · Hig · Aug 31, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during…

  • CVE-2018-10988 · Hig · Jul 5, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the firmware, starts at boot and tries to find the update folder on the microSD card. It executes code, without a digital signature, as root from the /mnt/sdcard/$PRO_NAME/upgrade.sh or…

  • CVE-2014-9934 · Hig · May 16, 2017
    risk 0.51 · cvss 7.8 · epss 0.00

    A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding.

  • CVE-2013-3900 · Med · KEV · Dec 11, 2013
    risk 0.51 · cvss 5.5 · epss 0.45

    Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows…

  • CVE-2002-1796 · Hig · Dec 31, 2002
    risk 0.51 · cvss 7.8 · epss 0.00

    ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.

  • CVE-2026-52754 · Hig · Jun 10, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate() that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate…

  • CVE-2025-47934 · Hig · May 19, 2025
    risk 0.50 · cvss · epss 0.01

    OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Starting in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously modified message can be passed to either `openpgp.verify` or `openpgp.decrypt`, causing these functions to return a valid signature…

  • CVE-2025-31489 · Hig · Apr 3, 2025
    risk 0.50 · cvss · epss 0.02

    MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior…

  • CVE-2024-48915 · Hig · Oct 15, 2024
    risk 0.50 · cvss · epss 0.00

    Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to version 1.0.0-dev.29, certificate verification in `lib/agent/certificate.dart` does not occur properly. During the delegation verification in the `_checkDelegation` function, the…

  • CVE-2018-16515 · Hig · Sep 18, 2018
    risk 0.50 · cvss 8.8 · epss 0.02

    Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.

  • CVE-2026-50010 · Hig · Jun 12, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleTrustManagerFactory.engineGetTrustManagers() and related paths wrap any user-supplied plain X509TrustManager in…

  • CVE-2025-27773 · Hig · Mar 11, 2025
    risk 0.49 · cvss 8.6 · epss 0.00

    The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the…

  • CVE-2018-16152 · Hig · Sep 26, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a…

  • CVE-2018-16151 · Hig · Sep 26, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in…

  • CVE-2018-12019 · Hig · Jun 13, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted…

  • CVE-2017-16005 · Hig · Jun 4, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he…

  • CVE-2018-3756 · Hig · Jun 1, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other…