CWE-347

Total CVEs: 181
Critical: 54
High: 91
Avg CVSS: 7.9
In CISA KEV: 1

Yearly Trend

2026: 21
2025: 51
2024: 42
2023: 21
2022: 14

Top Affected Vendors

1. Microsoft (10)
2. Fedoraproject (8)
3. Debian (6)
4. Dell (5)
5. Apple (5)
6. Onelogin (4)
7. Zoom (4)
8. Zscaler (4)
9. Github (3)
10. Netapp (3)

All CWE-347 CVEs (181)

CVE-2026-3338 | CVSS 7.5 | Mar 2, 2026
This vulnerability allows unauthenticated attackers to bypass signature verification in PKCS7 objects with Authenticated Attributes in AWS-LC. It affe...

CVE-2026-23967 | CVSS 7.5 | Jan 22, 2026
A signature malleability vulnerability in sm-crypto's SM2 signature verification allows attackers to create new valid signatures from existing ones. T...

CVE-2026-23965 | CVSS 7.5 | Jan 22, 2026
A signature forgery vulnerability in sm-crypto's SM2 implementation allows attackers to create valid signatures for arbitrary public keys. This affect...

CVE-2026-20965 | CVSS 7.5 | Jan 13, 2026
This vulnerability in Windows Admin Center allows an authorized attacker to bypass cryptographic signature verification, enabling local privilege esca...

CVE-2025-65945 | CVSS 7.5 | Dec 4, 2025
This vulnerability allows attackers to bypass JSON Web Signature verification in auth0/node-jws when using HMAC algorithms. Applications are affected ...

CVE-2025-64740 | CVSS 7.5 | Nov 13, 2025
This vulnerability allows an authenticated user with local access to escalate privileges on Windows systems running the Zoom Workplace VDI Client. The...

CVE-2025-46774 | CVSS 7.5 | Oct 14, 2025
A local privilege escalation vulnerability in FortiClient for macOS allows authenticated local users to gain elevated privileges by exploiting imprope...

CVE-2025-47949 | CVSS 7.5 | May 19, 2025
A Signature Wrapping vulnerability in samlify allows attackers to forge SAML authentication responses and impersonate any user. This affects all appli...

CVE-2025-29915 | CVSS 7.5 | Apr 10, 2025
Suricata's default AF_PACKET defrag configuration causes packet truncation when reassembling fragmented packets, leading to incomplete network traffic...

CVE-2025-24043 | CVSS 7.5 | Mar 11, 2025
CVE-2025-24043 is a cryptographic signature verification vulnerability in .NET that allows authenticated attackers to execute arbitrary code remotely....

CVE-2024-37568 | CVSS 7.5 | Jun 9, 2024
This vulnerability allows attackers to forge JWT tokens by exploiting algorithm confusion in lepture Authlib. When jwt.decode() is called without spec...

CVE-2024-0567 | CVSS 7.5 | Jan 16, 2024
A vulnerability in GnuTLS causes Cockpit to reject certificate chains with distributed trust when using cockpit-certificate-ensure, allowing unauthent...

CVE-2023-46324 | CVSS 7.5 | Oct 23, 2023
This vulnerability in free5GC UDM allows an invalid curve attack when using Go versions before 1.19. An attacker can send arbitrary SUCIs (Subscriptio...

CVE-2022-24771 | CVSS 7.5 | Mar 18, 2022
CVE-2022-24771 is a cryptographic vulnerability in node-forge that allows signature forgery when using RSA PKCS#1 v1.5 with low public exponents. Atta...

CVE-2021-25636 | CVSS 7.5 | Feb 24, 2022
This vulnerability allows an attacker to create a digitally signed LibreOffice document that appears valid but actually uses a different key for verif...

CVE-2021-44878 | CVSS 7.5 | Jan 6, 2022
CVE-2021-44878 is an authentication bypass vulnerability in pac4j OpenID Connect implementation. It allows attackers to forge unsigned ID tokens using...

CVE-2021-41832 | CVSS 7.5 | Oct 11, 2021
CVE-2021-41832 is a signature validation bypass vulnerability in Apache OpenOffice that allows attackers to manipulate documents to appear as if they ...

CVE-2021-1849 | CVSS 7.5 | Sep 8, 2021
This vulnerability allows malicious applications to bypass code signature validation checks, potentially circumventing macOS and iOS privacy preferenc...

CVE-2021-28091 | CVSS 7.5 | Jun 4, 2021
CVE-2021-28091 is a signature verification bypass vulnerability in Lasso, an open-source library for SAML authentication. Attackers can forge SAML ass...

CVE-2021-3445 | CVSS 7.5 | May 19, 2021
This vulnerability in libdnf allows attackers to execute arbitrary code by modifying RPM package headers and tricking users into installing them. It a...

CVE-2021-29455 | CVSS 7.5 | Apr 19, 2021
This vulnerability in Grassroot Platform allows attackers to forge valid JSON Web Tokens by exploiting improper signature verification during JWT refr...

CVE-2020-36284 | CVSS 7.5 | Apr 6, 2021
This vulnerability in Union Pay Android apps allows attackers to bypass payment authentication by generating fraudulent cryptographic signatures using...

CVE-2021-30130 | CVSS 7.5 | Apr 6, 2021
This vulnerability in phpseclib allows attackers to forge RSA PKCS#1 v1.5 signatures, potentially bypassing authentication or authorization checks. It...

CVE-2024-26194 | CVSS 7.4 | Apr 9, 2024
CVE-2024-26194 is a Secure Boot security feature bypass vulnerability that allows attackers to circumvent Secure Boot protections on affected systems....

CVE-2025-36418 | CVSS 7.3 | Jan 20, 2026
IBM ApplinX 11.1 has a privilege escalation vulnerability where attackers can craft or modify JWT tokens to impersonate users or gain elevated privile...

CVE-2023-23436 | CVSS 7.3 | Dec 29, 2023
This vulnerability in some Honor products allows attackers to forge system files and overwrite legitimate ones due to improper signature verification....

CVE-2023-23431 | CVSS 7.3 | Dec 29, 2023
This vulnerability in some Honor products allows attackers to forge system files and overwrite legitimate ones due to improper signature verification....

CVE-2021-3633 | CVSS 7.3 | Aug 17, 2021
This CVE describes a DLL preloading vulnerability in Lenovo Driver Management software that could allow local attackers to escalate privileges by plac...

CVE-2025-12006 | CVSS 7.2 | Jan 16, 2026
This vulnerability in Supermicro BMC firmware allows attackers to bypass validation checks and install malicious firmware images on affected servers. ...

CVE-2025-7937 | CVSS 7.2 | Sep 19, 2025
This vulnerability in Supermicro BMC firmware allows attackers to bypass validation checks and install malicious firmware images on affected systems. ...

CVE-2025-6198 | CVSS 7.2 | Sep 19, 2025
A vulnerability in Supermicro BMC firmware validation logic allows attackers to install malicious firmware images on affected systems. This affects Su...

CVE-2024-56161 | CVSS 7.2 | Feb 3, 2025
This vulnerability allows a local administrator to bypass CPU microcode signature verification on AMD systems with SEV-SNP, potentially compromising t...

CVE-2024-8531 | CVSS 7.2 | Oct 11, 2024
This CVE describes an improper cryptographic signature verification vulnerability in Schneider Electric's Data Center Expert software. Attackers can m...

CVE-2023-34435 | CVSS 7.2 | Jul 8, 2024
This vulnerability allows attackers to upload malicious firmware to affected Realtek rtl819x devices by exploiting a flaw in the boa formUpload functi...

CVE-2023-23772 | CVSS 7.2 | Aug 29, 2023
This vulnerability allows authenticated attackers to upload malicious firmware to Motorola MBTS Site Controllers due to missing cryptographic signatur...

CVE-2023-32449 | CVSS 7.2 | Jun 22, 2023
This vulnerability allows attackers to bypass cryptographic signature verification in Dell PowerStore storage systems. By tricking a high-privileged u...

CVE-2021-32977 | CVSS 7.2 | Apr 4, 2022
AVEVA System Platform versions 2017 through 2020 R2 P01 fail to properly verify cryptographic signatures for data, allowing attackers to bypass authen...

CVE-2021-37127 | CVSS 7.2 | Oct 27, 2021
A signature management vulnerability in Huawei iManager NetEco products allows attackers to forge signatures and bypass signature verification during ...

CVE-2021-22735 | CVSS 7.2 | May 26, 2021
This vulnerability allows remote attackers to execute arbitrary code on affected Schneider Electric homeLYnk and spaceLYnk devices by bypassing crypto...

CVE-2025-20206 | CVSS 7.1 | Mar 5, 2025
This vulnerability allows authenticated local attackers on Windows systems with Cisco Secure Client and Secure Firewall Posture Engine installed to pe...

CVE-2024-41165 | CVSS 7.1 | Dec 18, 2024
A library injection vulnerability in Microsoft Word 16.83 for macOS allows malicious applications to inject specially crafted libraries, leveraging Wo...

CVE-2024-42220 | CVSS 7.1 | Dec 18, 2024
A library injection vulnerability in Microsoft Outlook for macOS allows malicious applications to inject code and leverage Outlook's permissions, pote...

CVE-2024-39804 | CVSS 7.1 | Dec 18, 2024
A library injection vulnerability in Microsoft PowerPoint 16.83 for macOS allows malicious applications to inject specially crafted libraries, leverag...

CVE-2024-41145 | CVSS 7.1 | Dec 18, 2024
A library injection vulnerability in Microsoft Teams for macOS allows malicious applications to inject code into the WebView.app helper process. This ...

CVE-2024-49413 | CVSS 7.1 | Dec 3, 2024
This vulnerability allows local attackers to bypass cryptographic signature verification in Samsung SmartSwitch, enabling installation of malicious ap...

CVE-2025-20181 | CVSS 6.8 | May 7, 2025
This vulnerability allows authenticated local attackers with privilege level 15 or unauthenticated attackers with physical access to execute persisten...

CVE-2025-32060 | CVSS 6.7 | Feb 15, 2026
This vulnerability allows attackers who gain root-level access to load unsigned kernel modules, enabling kernel-level code execution and complete syst...

CVE-2025-20143 | CVSS 6.7 | Mar 12, 2025
This vulnerability allows authenticated local attackers with root-system privileges on Cisco IOS XR devices to bypass Secure Boot integrity checks and...

CVE-2024-27244 | CVSS 6.7 | May 15, 2024
This vulnerability in Zoom Workplace VDI App for Windows allows authenticated local users to escalate privileges due to insufficient verification of d...

CVE-2025-55311 | CVSS 6.5 | Dec 11, 2025
This vulnerability in Foxit PDF software allows attackers to create malicious PDFs that use JavaScript to modify annotation content and clear modifica...

About CWE-347

Our database tracks 181 CVEs classified as CWE-347, with 54 rated critical and 91 rated high severity. The average CVSS score for CWE-347 vulnerabilities is 7.9.

External reference: CWE-347 on MITRE CWE