Total
309 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12356 | 1 Simple Password Store Project | 1 Simple Password Store | 2019-05-16 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension scripts. Modifying the configuration file allows the attacker to inject additional encryption keys under their control, thereby disclosing passwords to the attacker. Modifying the extension scripts allows the attacker arbitrary code execution. | |||||
| CVE-2018-15586 | 1 Enigmail | 1 Enigmail | 2019-05-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email. | |||||
| CVE-2017-17848 | 2 Debian, Enigmail | 2 Debian Linux, Enigmail | 2019-05-16 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Enigmail before 1.9.9. In a variant of CVE-2017-17847, signature spoofing is possible for multipart/related messages because a signed message part can be referenced with a cid: URI but not actually displayed. In other words, the entire containing message appears to be signed, but the recipient does not see any of the signed text. | |||||
| CVE-2017-18122 | 2 Debian, Simplesamlphp | 2 Debian Linux, Simplesamlphp | 2019-05-13 | 6.8 MEDIUM | 8.1 HIGH |
| A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the assertions is valid. Attributes contained in all the assertions received will be merged and the entityID of the first assertion received will be used, allowing an attacker to impersonate any user of any IdP given an assertion signed by the targeted IdP. | |||||
| CVE-2018-5923 | 1 Hp | 276 Color Laserjet Cm4540 Mfp, Color Laserjet Cm4540 Mfp Firmware, Color Laserjet Cp5525 and 273 more | 2019-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet Enterprise Printers, solution application signature checking may allow potential execution of arbitrary code. | |||||
| CVE-2018-18203 | 1 Subaru | 6 Starlink 2017, Starlink 2017 Firmware, Starlink 2018 and 3 more | 2019-02-05 | 6.9 MEDIUM | 6.4 MEDIUM |
| A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker (with physical access to the vehicle's USB ports) the ability to rewrite the firmware of the head unit. This occurs because the device accepts modified QNX6 filesystem images (as long as the attacker obtains access to certain Harman decryption/encryption code) as a consequence of a bug where unsigned images pass a validity check. An attacker could potentially install persistent malicious head unit firmware and execute arbitrary code as the root user. | |||||
| CVE-2018-16149 | 1 Axtls Project | 1 Axtls | 2019-01-31 | 4.3 MEDIUM | 5.9 MEDIUM |
| In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure. Consequently, when small public exponents are being used, a remote attacker can generate purposefully crafted signatures (and put them on X.509 certificates) to induce illegal memory access and crash the verifier. | |||||
| CVE-2018-8955 | 1 Bitdefender | 1 Gravityzone | 2019-01-25 | 7.5 HIGH | 9.8 CRITICAL |
| The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged. | |||||
| CVE-2018-0501 | 2 Canonical, Debian | 2 Ubuntu Linux, Advanced Package Tool | 2019-01-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail. | |||||
| CVE-2018-15836 | 1 Xelerance | 1 Openswan | 2019-01-10 | 5.0 MEDIUM | 7.5 HIGH |
| In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used. | |||||
| CVE-2018-16150 | 1 Axtls Project | 1 Axtls | 2018-12-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is a variant of CVE-2006-4340. | |||||
| CVE-2018-16253 | 1 Axtls Project | 1 Axtls | 2018-12-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify the ASN.1 metadata. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is an even more permissive variant of CVE-2006-4790 and CVE-2014-1568. | |||||
| CVE-2018-1000539 | 1 Json-jwt Project | 1 Json-jwt | 2018-09-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 1.9.4 and later. | |||||
| CVE-2018-10407 | 1 Carbonblack | 1 Carbon Black Cb | 2018-08-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Carbon Black Cb Response. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. | |||||
| CVE-2018-3756 | 1 Hyperledger | 1 Iroha | 2018-07-18 | 5.0 MEDIUM | 7.5 HIGH |
| Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures. | |||||
| CVE-2017-18146 | 1 Qualcomm | 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more | 2018-05-14 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, in some corner cases, ECDSA signature verification can fail. | |||||
| CVE-2018-7711 | 2 Debian, Simplesamlphp | 3 Debian Linux, Saml2, Simplesamlphp | 2018-03-29 | 6.8 MEDIUM | 8.1 HIGH |
| HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP functionality that interprets a -1 error code as a true boolean value. | |||||
| CVE-2018-0489 | 3 Arubanetworks, Debian, Shibboleth | 3 Clearpass, Debian Linux, Xmltooling-c | 2018-03-23 | 6.4 MEDIUM | 6.5 MEDIUM |
| Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486. | |||||
| CVE-2018-0486 | 2 Debian, Shibboleth | 2 Debian Linux, Xmltooling-c | 2018-02-15 | 6.4 MEDIUM | 6.5 MEDIUM |
| Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD. | |||||
| CVE-2017-17847 | 2 Debian, Enigmail | 2 Debian Linux, Enigmail | 2018-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Enigmail before 1.9.9. Signature spoofing is possible because the UI does not properly distinguish between an attachment signature, and a signature that applies to the entire containing message, aka TBE-01-021. This is demonstrated by an e-mail message with an attachment that is a signed e-mail message in message/rfc822 format. | |||||