Common Weakness Enumeration

CWE-347

Allowed

Improper Verification of Cryptographic Signature

Abstraction: Base · Status: Draft

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

1127 vulnerabilities reference this CWE, most recent first.

GHSA-8WMC-QJ7W-W9JV

Vulnerability from github – Published: 2023-08-13 12:30 – Updated: 2024-04-04 06:53
VLAI
Details

Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-39393"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-13T12:15:46Z",
    "severity": "HIGH"
  },
  "details": "Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten.",
  "id": "GHSA-8wmc-qj7w-w9jv",
  "modified": "2024-04-04T06:53:50Z",
  "published": "2023-08-13T12:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39393"
    },
    {
      "type": "WEB",
      "url": "https://consumer.huawei.com/en/support/bulletin/2023/8"
    },
    {
      "type": "WEB",
      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8XCP-QVV3-HCCF

Vulnerability from github – Published: 2022-05-24 17:41 – Updated: 2022-07-13 00:01
VLAI
Details

SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-21474"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-09T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database.",
  "id": "GHSA-8xcp-qvv3-hccf",
  "modified": "2022-07-13T00:01:07Z",
  "published": "2022-05-24T17:41:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21474"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/2992154"
    },
    {
      "type": "WEB",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8XF4-W7QW-PJJW

Vulnerability from github – Published: 2022-03-30 00:00 – Updated: 2023-02-17 14:26
VLAI
Summary
Firebase PHP-JWT key/algorithm type confusion
Details

In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., RS256 / HS256) exists via the kid (aka Key ID) header, when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorrect key. NOTE: this provides a straightforward way to use the PHP-JWT library unsafely, but might not be considered a vulnerability in the library itself.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "firebase/php-jwt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-46743"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347",
      "CWE-843"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-17T14:26:38Z",
    "nvd_published_at": "2022-03-29T07:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "In Firebase PHP-JWT before 6.0.0, an algorithm-confusion issue (e.g., RS256 / HS256) exists via the kid (aka Key ID) header, when multiple types of keys are loaded in a key ring. This allows an attacker to forge tokens that validate under the incorrect key. NOTE: this provides a straightforward way to use the PHP-JWT library unsafely, but might not be considered a vulnerability in the library itself.",
  "id": "GHSA-8xf4-w7qw-pjjw",
  "modified": "2023-02-17T14:26:38Z",
  "published": "2022-03-30T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46743"
    },
    {
      "type": "WEB",
      "url": "https://github.com/firebase/php-jwt/issues/351"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/firebase/php-jwt/CVE-2021-46743.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/firebase/php-jwt"
    },
    {
      "type": "WEB",
      "url": "https://github.com/firebase/php-jwt/releases/tag/v6.0.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Firebase PHP-JWT key/algorithm type confusion"
}

GHSA-8XJ4-3GR5-XW39

Vulnerability from github – Published: 2025-07-08 12:31 – Updated: 2025-07-08 12:31
VLAI
Details

Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21004"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T11:15:25Z",
    "severity": "MODERATE"
  },
  "details": "Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.",
  "id": "GHSA-8xj4-3gr5-xw39",
  "modified": "2025-07-08T12:31:02Z",
  "published": "2025-07-08T12:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21004"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2025\u0026month=07"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-923W-2XV2-7PR8

Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2024-04-25 21:00
VLAI
Summary
SimpleSAMLphp Improper Verification of Cryptographic Signature
Details

The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp before 1.15.3 incorrectly verifies signatures on SAML assertions, allowing a remote attacker to construct a crafted SAML assertion on behalf of an Identity Provider that would pass as cryptographically valid, thereby allowing them to impersonate a user from that Identity Provider, aka a key confusion issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "simplesamlphp/saml2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.10.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "simplesamlphp/saml2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0"
            },
            {
              "fixed": "2.3.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "simplesamlphp/saml2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0"
            },
            {
              "fixed": "3.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-7644"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-25T21:00:32Z",
    "nvd_published_at": "2018-03-05T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp before 1.15.3 incorrectly verifies signatures on SAML assertions, allowing a remote attacker to construct a crafted SAML assertion on behalf of an Identity Provider that would pass as cryptographically valid, thereby allowing them to impersonate a user from that Identity Provider, aka a key confusion issue.",
  "id": "GHSA-923w-2xv2-7pr8",
  "modified": "2024-04-25T21:00:33Z",
  "published": "2022-05-13T01:53:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7644"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/simplesamlphp/saml2/CVE-2018-7644.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/simplesamlphp/simplesamlphp"
    },
    {
      "type": "WEB",
      "url": "https://simplesamlphp.org/security/201802-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "SimpleSAMLphp Improper Verification of Cryptographic Signature"
}

GHSA-929H-MG2V-7C23

Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-05-24 19:18
VLAI
Details

There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-37127"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-27T01:15:00Z",
    "severity": "HIGH"
  },
  "details": "There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00SPC100,V600R009C00SPC110,V600R009C00SPC120,V600R009C00SPC190,V600R009C00SPC200,V600R009C00SPC201,V600R009C00SPC202,V600R009C00SPC210.",
  "id": "GHSA-929h-mg2v-7c23",
  "modified": "2022-05-24T19:18:58Z",
  "published": "2022-05-24T19:18:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37127"
    },
    {
      "type": "WEB",
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-signature-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-92HG-JJMR-6GV2

Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34
VLAI
Details

A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-8133"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-09T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.",
  "id": "GHSA-92hg-jjmr-6gv2",
  "modified": "2022-05-24T17:34:09Z",
  "published": "2022-05-24T17:34:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8133"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/661051"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/661051,"
    },
    {
      "type": "WEB",
      "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-038"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-92VM-MXJF-JQF3

Vulnerability from github – Published: 2021-11-10 20:41 – Updated: 2024-10-25 14:49
VLAI
Summary
Improper Verification of Cryptographic Signature in starkbank-ecdsa
Details

The verify function in the Stark Bank Python ECDSA library (starkbank-ecdsa) 2.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "starkbank-ecdsa"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-43572"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-11-10T18:23:18Z",
    "nvd_published_at": "2021-11-09T22:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "The `verify` function in the Stark Bank Python ECDSA library (starkbank-ecdsa) 2.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.",
  "id": "GHSA-92vm-mxjf-jqf3",
  "modified": "2024-10-25T14:49:40Z",
  "published": "2021-11-10T20:41:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43572"
    },
    {
      "type": "WEB",
      "url": "https://github.com/starkbank/ecdsa-python/commit/d136170666e9510eb63c2572551805807bd4c17f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/starkbank-ecdsa/PYSEC-2021-426.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/starkbank/ecdsa-python"
    },
    {
      "type": "WEB",
      "url": "https://github.com/starkbank/ecdsa-python/releases/tag/v2.0.1"
    },
    {
      "type": "WEB",
      "url": "https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Verification of Cryptographic Signature in starkbank-ecdsa"
}

GHSA-93PJ-2PMF-2X7P

Vulnerability from github – Published: 2026-07-03 00:31 – Updated: 2026-07-03 00:31
VLAI
Details

Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-50721"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-02T22:16:43Z",
    "severity": "HIGH"
  },
  "details": "Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected.",
  "id": "GHSA-93pj-2pmf-2x7p",
  "modified": "2026-07-03T00:31:52Z",
  "published": "2026-07-03T00:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50721"
    },
    {
      "type": "WEB",
      "url": "https://libreswan.org/security/CVE-2026-50721"
    },
    {
      "type": "WEB",
      "url": "https://libreswan.org/security/CVE-2026-50721/CVE-2026-50721.txt"
    },
    {
      "type": "WEB",
      "url": "https://libreswan.org/security/CVE-2026-50722/CVE-2026-50722.txt"
    },
    {
      "type": "WEB",
      "url": "https://www.rfc-editor.org/rfc/rfc2313"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-93W9-PXQ6-2VJJ

Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2023-03-24 18:30
VLAI
Details

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by loading an unsigned software patch on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-1808"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-15T23:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by loading an unsigned software patch on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.",
  "id": "GHSA-93w9-pxq6-2vjj",
  "modified": "2023-03-24T18:30:22Z",
  "published": "2022-05-24T16:45:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1808"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-spsv"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108367"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

CAPEC-463: Padding Oracle Crypto Attack

An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.

CAPEC-475: Signature Spoofing by Improper Validation

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.