Total
349 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-30066 | 2 Belden, Schneider-electric | 26 Eagle 20 Tofino 943 987-501-tx\/tx, Eagle 20 Tofino 943 987-501-tx\/tx Firmware, Eagle 20 Tofino 943 987-502 -tx\/mm and 23 more | 2024-02-04 | 7.2 HIGH | 6.8 MEDIUM |
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed. NOTE: this issue exists because of an incomplete fix of CVE-2017-11400. | |||||
CVE-2022-24773 | 1 Digitalbazaar | 1 Forge | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. | |||||
CVE-2022-24772 | 1 Digitalbazaar | 1 Forge | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. | |||||
CVE-2021-32977 | 1 Aveva | 1 System Platform | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data. | |||||
CVE-2022-23610 | 1 Wire | 1 Wire-server | 2024-02-04 | 5.1 MEDIUM | 8.1 HIGH |
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without SCIM, it was possible to create new accounts with fake SAML credentials. Under certain conditions that can be established by an attacker, an upstream library for parsing, rendering, signing, and validating SAML XML data was accepting public keys as trusted that were provided by the attacker in the signature. As a consequence, the attacker could login as any user in any Wire team with SAML SSO enabled. If SCIM was not enabled, the attacker could also create new users with new SAML NameIDs. In order to exploit this vulnerability, the attacker needs to know the SSO login code (distributed to all team members with SAML credentials and visible in the Team Management app), the SAML EntityID identifying the IdP (a URL not considered sensitive, but usually hard to guess, also visible in Team Management), and the SAML NameID of the user (usually an email address or a nick). The issue has been fixed in wire-server `2022-01-27` and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to `2022-01-27`, so that their backends are no longer affected. There are currently no known workarounds. More detailed information about how to reproduce the vulnerability and mitigation strategies is available in the GitHub Security Advisory. | |||||
CVE-2021-22573 | 1 Google | 1 Oauth Client Library For Java | 2024-02-04 | 3.5 LOW | 7.3 HIGH |
The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token will pass the validation on the client side. We recommend upgrading to version 1.33.3 or above | |||||
CVE-2022-24759 | 1 Chainsafe | 1 Js-libp2p-noise | 2024-02-04 | 5.8 MEDIUM | 7.4 HIGH |
`@chainsafe/libp2p-noise` contains TypeScript implementation of noise protocol, an encryption protocol used in libp2p. `@chainsafe/libp2p-noise` before 4.1.2 and 5.0.3 does not correctly validate signatures during the handshake process. This may allow a man-in-the-middle to pose as other peers and get those peers banned. Users should upgrade to version 4.1.2 or 5.0.3 to receive a patch. There are currently no known workarounds. | |||||
CVE-2021-43393 | 1 St | 4 J-safe3, J-safe3 Firmware, Stsafe-j and 1 more | 2024-02-04 | 1.9 LOW | 6.2 MEDIUM |
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. | |||||
CVE-2022-1739 | 1 Dominionvoting | 2 Democracy Suite, Imagecast X | 2024-02-04 | 7.2 HIGH | 6.8 MEDIUM |
The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a device is traceable to, or verifiable against, a cryptographic key provided by the manufacturer to detect tampering. An attacker could leverage this vulnerability to install malicious code, which could also be spread to other vulnerable ImageCast X devices via removable media. | |||||
CVE-2021-44878 | 1 Pac4j | 1 Pac4j | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
If an OpenID Connect provider supports the "none" algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the "idtoken" response type which is not secure and violates the OpenID Core Specification. The "none" algorithm does not require any signature verification when validating the ID tokens, which allows the attacker to bypass the token validation by injecting a malformed ID token using "none" as the value of "alg" key in the header with an empty signature value. | |||||
CVE-2020-16154 | 2 App\, Fedoraproject | 2 \, Fedora | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. | |||||
CVE-2021-34708 | 1 Cisco | 23 8101-32fh, 8101-32h, 8102-64h and 20 more | 2024-02-04 | 7.2 HIGH | 6.7 MEDIUM |
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
CVE-2022-24115 | 2 Acronis, Apple | 3 Cyber Protect Home Office, True Image, Macos | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287 | |||||
CVE-2021-41830 | 1 Apache | 1 Openoffice | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory. | |||||
CVE-2021-43568 | 1 Starkbank | 1 Elixir Ecdsa | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The verify function in the Stark Bank Elixir ECDSA library (ecdsa-elixir) 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | |||||
CVE-2021-43569 | 1 Starkbank | 1 Ecdsa-dotnet | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | |||||
CVE-2021-1849 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to bypass Privacy preferences. | |||||
CVE-2021-0152 | 1 Intel | 30 Ac1550, Ac1550 Firmware, Ac 3165 and 27 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Improper verification of cryptographic signature in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | |||||
CVE-2021-31847 | 1 Mcafee | 1 Mcafee Agent | 2024-02-04 | 6.9 MEDIUM | 7.8 HIGH |
Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user, through not correctly protecting a temporary directory used in the repair process and not checking the DLL signature. | |||||
CVE-2021-37127 | 1 Huawei | 4 Imanager Neteco, Imanager Neteco 6000, Imanager Neteco 6000 Firmware and 1 more | 2024-02-04 | 9.0 HIGH | 7.2 HIGH |
There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210. |