Total
400 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14365 | 2 Debian, Redhat | 5 Debian Linux, Ansible Engine, Ansible Tower and 2 more | 2022-04-05 | 6.6 MEDIUM | 7.1 HIGH |
| A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability. | |||||
| CVE-2021-33054 | 2 Debian, Inverse | 2 Debian Linux, Sogo | 2022-03-29 | 5.0 MEDIUM | 7.5 HIGH |
| SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. (Only versions after 2.0.5a are affected.) | |||||
| CVE-2022-23610 | 1 Wire | 1 Wire-server | 2022-03-28 | 5.1 MEDIUM | 8.1 HIGH |
| wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without SCIM, it was possible to create new accounts with fake SAML credentials. Under certain conditions that can be established by an attacker, an upstream library for parsing, rendering, signing, and validating SAML XML data was accepting public keys as trusted that were provided by the attacker in the signature. As a consequence, the attacker could login as any user in any Wire team with SAML SSO enabled. If SCIM was not enabled, the attacker could also create new users with new SAML NameIDs. In order to exploit this vulnerability, the attacker needs to know the SSO login code (distributed to all team members with SAML credentials and visible in the Team Management app), the SAML EntityID identifying the IdP (a URL not considered sensitive, but usually hard to guess, also visible in Team Management), and the SAML NameID of the user (usually an email address or a nick). The issue has been fixed in wire-server `2022-01-27` and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to `2022-01-27`, so that their backends are no longer affected. There are currently no known workarounds. More detailed information about how to reproduce the vulnerability and mitigation strategies is available in the GitHub Security Advisory. | |||||
| CVE-2022-24773 | 1 Digitalbazaar | 1 Forge | 2022-03-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. | |||||
| CVE-2022-24772 | 1 Digitalbazaar | 1 Forge | 2022-03-28 | 5.0 MEDIUM | 7.5 HIGH |
| Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. | |||||
| CVE-2022-24771 | 1 Digitalbazaar | 1 Forge | 2022-03-28 | 5.0 MEDIUM | 7.5 HIGH |
| Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds. | |||||
| CVE-2021-43572 | 1 Starkbank | 1 Ecdsa-python | 2022-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | |||||
| CVE-2022-24759 | 1 Chainsafe | 1 Js-libp2p-noise | 2022-03-23 | 5.8 MEDIUM | 7.4 HIGH |
| `@chainsafe/libp2p-noise` contains TypeScript implementation of noise protocol, an encryption protocol used in libp2p. `@chainsafe/libp2p-noise` before 4.1.2 and 5.0.3 does not correctly validate signatures during the handshake process. This may allow a man-in-the-middle to pose as other peers and get those peers banned. Users should upgrade to version 4.1.2 or 5.0.3 to receive a patch. There are currently no known workarounds. | |||||
| CVE-2021-20319 | 1 Redhat | 1 Coreos-installer | 2022-03-11 | 6.8 MEDIUM | 7.8 HIGH |
| An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed. | |||||
| CVE-2021-43393 | 1 St | 4 J-safe3, J-safe3 Firmware, Stsafe-j and 1 more | 2022-03-10 | 1.9 LOW | 6.2 MEDIUM |
| STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. | |||||
| CVE-2021-43392 | 1 St | 4 J-safe3, J-safe3 Firmware, Stsafe-j and 1 more | 2022-03-10 | 1.9 LOW | 6.2 MEDIUM |
| STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform. | |||||
| CVE-2022-23655 | 1 Octobercms | 1 October | 2022-03-07 | 2.6 LOW | 5.3 MEDIUM |
| Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to build 474 or v1.1.10. The only known workaround is to manually apply the patch (e3b455ad587282f0fbcb7763c6d9c3d000ca1e6a) which adds server signature validation. | |||||
| CVE-2021-40045 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-02-16 | 2.1 LOW | 5.5 MEDIUM |
| There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2022-24115 | 2 Acronis, Apple | 3 Cyber Protect Home Office, True Image, Macos | 2022-02-10 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (macOS) before build 39605, Acronis True Image 2021 (macOS) before build 39287 | |||||
| CVE-2021-20156 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2022-01-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if it is from a known and trusted source. This includes firmware updates that are done via the automated "check for updates" in the admin interface. If an attacker is able to masquerade as the update server, the device will not verify that the firmware updates downloaded are legitimate. | |||||
| CVE-2020-10126 | 1 Ncr | 2 Aptra Xfs, Selfserv Atm | 2021-12-20 | 7.2 HIGH | 7.6 HIGH |
| NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because while booting, the update process looks for CAB archives on removable media and executes a specific file without first validating the signature of the CAB archive. | |||||
| CVE-2021-34420 | 1 Zoom | 1 Zoom Client For Meetings | 2021-12-16 | 4.3 MEDIUM | 7.4 HIGH |
| The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer. | |||||
| CVE-2021-0152 | 1 Intel | 30 Ac1550, Ac1550 Firmware, Ac 3165 and 27 more | 2021-11-23 | 2.1 LOW | 5.5 MEDIUM |
| Improper verification of cryptographic signature in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2020-15240 | 1 Auth0 | 1 Omniauth-auth0 | 2021-11-18 | 5.8 MEDIUM | 9.1 CRITICAL |
| omniauth-auth0 (rubygems) versions >= 2.3.0 and < 2.4.1 improperly validate the JWT token signature when using the `jwt_validator.verify` method. Improper validation of the JWT token signature can allow an attacker to bypass authentication and authorization. You are affected by this vulnerability if all of the following conditions apply: 1. You are using `omniauth-auth0`. 2. You are using `JWTValidator.verify` method directly OR you are not authenticating using the SDK’s default Authorization Code Flow. The issue is patched in version 2.4.1. | |||||
| CVE-2021-43569 | 1 Starkbank | 1 Ecdsa-dotnet | 2021-11-12 | 7.5 HIGH | 9.8 CRITICAL |
| The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | |||||