Total
376 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15240 | 1 Auth0 | 1 Omniauth-auth0 | 2024-02-04 | 5.8 MEDIUM | 9.1 CRITICAL |
| omniauth-auth0 (rubygems) versions >= 2.3.0 and < 2.4.1 improperly validate the JWT token signature when using the `jwt_validator.verify` method. Improper validation of the JWT token signature can allow an attacker to bypass authentication and authorization. You are affected by this vulnerability if all of the following conditions apply: 1. You are using `omniauth-auth0`. 2. You are using `JWTValidator.verify` method directly OR you are not authenticating using the SDK’s default Authorization Code Flow. The issue is patched in version 2.4.1. | |||||
| CVE-2020-24429 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-8901 | 1 Apple | 2 Ipados, Iphone Os | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action. | |||||
| CVE-2018-18688 | 11 Apple, Code-industry, Foxitsoftware and 8 more | 16 Macos, Master Pdf Editor, Foxit Reader and 13 more | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader. | |||||
| CVE-2020-26290 | 1 Linuxfoundation | 1 Dex | 2024-02-04 | 6.8 MEDIUM | 9.6 CRITICAL |
| Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enables potential signature bypass due to issues with XML encoding in the underlying Go library. The vulnerabilities have been addressed in version 2.27.0 by using the xml-roundtrip-validator from Mattermost (see related references). | |||||
| CVE-2019-1736 | 1 Cisco | 22 Fmc1000-k9 Bios, Fmc1000-k9 Firmware, Fmc2500-k9 Bios and 19 more | 2024-02-04 | 6.9 MEDIUM | 6.6 MEDIUM |
| A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improper validation of the server firmware upgrade images. An attacker could exploit this vulnerability by installing a server firmware version that would allow the attacker to disable UEFI Secure Boot. A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco. | |||||
| CVE-2020-11488 | 2 Intel, Nvidia | 3 Bmc Firmware, Dgx-1, Dgx-2 | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution. | |||||
| CVE-2020-23967 | 1 Drweb | 1 Security Space | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate. | |||||
| CVE-2015-7336 | 1 Lenovo | 1 System Update | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed. | |||||
| CVE-2020-13803 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for Mac before 4.0. It allows signature validation bypass via a modified file or a file with non-standard signatures. | |||||
| CVE-2020-10608 | 1 Osisoft | 9 Pi Api, Pi Buffer Subsystem, Pi Connector and 6 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification. | |||||
| CVE-2020-15091 | 1 Tendermint | 1 Tendermint | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit. | |||||
| CVE-2020-5407 | 1 Pivotal Software | 1 Spring Security | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user can carefully modify an otherwise valid SAML response and append an arbitrary assertion that Spring Security will accept as valid. | |||||
| CVE-2020-2021 | 1 Paloaltonetworks | 1 Pan-os | 2024-02-04 | 9.3 HIGH | 10.0 CRITICAL |
| When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability. This issue affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1. This issue cannot be exploited if SAML is not used for authentication. This issue cannot be exploited if the 'Validate Identity Provider Certificate' option is enabled (checked) in the SAML Identity Provider Server Profile. Resources that can be protected by SAML-based single sign-on (SSO) authentication are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN, Authentication and Captive Portal, PAN-OS next-generation firewalls (PA-Series, VM-Series) and Panorama web interfaces, Prisma Access In the case of GlobalProtect Gateways, GlobalProtect Portal, Clientless VPN, Captive Portal, and Prisma Access, an unauthenticated attacker with network access to the affected servers can gain access to protected resources if allowed by configured authentication and Security policies. There is no impact on the integrity and availability of the gateway, portal or VPN server. An attacker cannot inspect or tamper with sessions of regular users. In the worst case, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N). In the case of PAN-OS and Panorama web interfaces, this issue allows an unauthenticated attacker with network access to the PAN-OS or Panorama web interfaces to log in as an administrator and perform administrative actions. In the worst-case scenario, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). If the web interfaces are only accessible to a restricted management network, then the issue is lowered to a CVSS Base Score of 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability. | |||||
| CVE-2019-10575 | 1 Qualcomm | 6 Sda845, Sda845 Firmware, Sdm845 and 3 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850 | |||||
| CVE-2019-20834 | 1 Foxitsoftware | 1 Phantompdf | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows signature validation bypass via a modified file or a file with non-standard signatures. | |||||
| CVE-2020-3308 | 1 Cisco | 2 Firepower Management Center, Firepower Threat Defense | 2024-02-04 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image. | |||||
| CVE-2020-12607 | 1 Fastecdsa Project | 1 Fastecdsa | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even if the signature is correct. This behavior is not solely a usability problem. There are some threat models where an attacker can benefit by successfully guessing users for whom signature verification will fail. | |||||
| CVE-2020-14515 | 1 Wibu | 1 Codemeter | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor. Only CmActLicense update files with CmActLicense Firm Code are affected. | |||||
| CVE-2019-15796 | 3 Canonical, Debian, Ubuntu | 3 Ubuntu Linux, Python-apt, Python-apt | 2024-02-04 | 2.6 LOW | 4.7 MEDIUM |
| Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. | |||||