Fallos del tipo CWE-347

471 resultados
CVE-2026-10795HIGHUpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpcEPSS 3.0%CVE-2025-31489HIGHMinIO performs incomplete signature validation for unsigned-trailer uploadsEPSS 2.3%CVE-2024-8698HIGHKeycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloakEPSS 2.0%CVE-2018-16152HIGHIn verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation baEPSS 1.9%CVE-2018-16151HIGHIn verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation baEPSS 1.9%CVE-2019-14859HIGHA flaw was found in all python-ecdsa versions before 0.13.3, where it did not correctly verify whether signatures used DER encoding. WithoutEPSS 1.6%CVE-2025-23369HIGHImproper Verification of Cryptographic Signature in GitHub Enterprise Server Allows Signature Spoofing by Improper ValidationEPSS 1.6%CVE-2024-6800CRITICALAn XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SAML authentication with specific identityEPSS 1.5%CVE-2021-41831Timestamp Manipulation with Signature WrappingEPSS 1.5%CVE-2020-15705MEDIUMGRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shimEPSS 1.4%CVE-2024-0567HIGHGnutls: rejects certificate chain with distributed trustEPSS 1.4%CVE-2020-15093HIGHImproper verification of signature threshold in toughEPSS 1.4%CVE-2021-41830Double Certificate AttackEPSS 1.3%CVE-2023-5347CRITICALUnauthenticated Firmware UpgradeEPSS 1.3%CVE-2021-41832Content Manipulation with Certificate Validation AttackEPSS 1.3%CVE-2021-1366HIGHCisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking VulnerabilityEPSS 1.3%CVE-2024-47073CRITICALDataease arbitrary interface access vulnerabilityEPSS 1.2%CVE-2022-26510CRITICALA firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafteEPSS 1.2%CVE-2021-3033CRITICALPrisma Cloud Compute: SAML Authentication Bypass Vulnerability in ConsoleEPSS 1.2%CVE-2020-5407Signature Wrapping Vulnerability with spring-security-saml2-service-providerEPSS 1.2%