Total
406 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-12331 | 1 Cisco | 2 Nx-os, Unified Computing System | 2017-12-15 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-OS signature verification for software patches. An authenticated, local attacker could exploit this vulnerability to bypass signature verification and load a crafted, unsigned software patch on a targeted device. The attacker would need valid administrator credentials to perform this exploit. This vulnerability affects the following products running Cisco NX-OS System Software: Multilayer Director Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Unified Computing System Manager. Cisco Bug IDs: CSCvf16494, CSCvf23655. | |||||
| CVE-2017-8177 | 1 Huawei | 1 Hiwallet | 2017-12-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. An attacker could exploit this vulnerability to hijack the APK and upload modified APK file. Successful exploit could lead to the APP is hijacking. | |||||
| CVE-2017-8190 | 1 Huawei | 1 Fusionsphere Openstack | 2017-12-08 | 4.6 MEDIUM | 6.7 MEDIUM |
| FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software. | |||||
| CVE-2016-8021 | 1 Mcafee | 1 Virusscan Enterprise | 2017-09-03 | 3.5 LOW | 5.0 MEDIUM |
| Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | |||||
| CVE-2014-9934 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | |||||
| CVE-2017-10669 | 1 Xoev | 1 Osci Transport Library | 2017-07-06 | 6.4 MEDIUM | 6.5 MEDIUM |
| Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs. | |||||