Lucene search
+L

103 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-29237

Malicious code in bioql PyPI...

5.3CVSS8.8AI score0.00223EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/29 12:0 a.m.7 views

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to insufficient verification of data authenticity, allowing attackers to trigger service failures.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to insufficient verification of data authenticity. Exploiting these vulnerabilities can allow a malicious actor to cause service failures remotely...

10CVSS7.3AI score0.00225EPSS
Exploits0References16Affected Software5
Positive Technologies
Positive Technologies
added 2025/08/24 12:0 a.m.5 views

PT-2025-34552 · Belkin · Belkin Ax1800

Name of the Vulnerable Software and Affected Versions: Belkin AX1800 version 1.1.00.016 Description: A vulnerability exists due to insufficient verification of data authenticity within the Firmware Update Handler component. This issue can be exploited remotely. The vendor was contacted regarding...

8.6CVSS6.8AI score0.0029EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/08/16 7:23 p.m.11 views

CVE-2025-8978

A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

8.1CVSS7.1AI score0.00503EPSS
Exploits1References1
Akamai Blog
Akamai Blog
added 2025/07/08 1:0 p.m.9 views

Protect Client-Side Code and Certify the Authenticity of Data Collection

...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.6 views

The vulnerability of the software for configuring and setting up devices of the Universal Relay (UR) series, GE Vernova Enervista UR Setup, stems from the lack of authenticity verification for a critical function. This allows attackers to carry out “man-in-the-middle” type attacks.

The vulnerability of the software for configuring and setting up Universal Relay UR devices from GE Vernova Enervista UR Setup is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability allows an attacker who operates remotely to carry out...

8.3CVSS5.5AI score0.00266EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/21 10:9 p.m.10 views

CVE-2008-3442

WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

7.5CVSS7.8AI score0.03758EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/06 12:0 a.m.8 views

The vulnerability of PARTS SOFT’s CMS, related to insufficient verification of the authenticity of executed requests, allows a hacker to perform a CSRF attack.

The vulnerability of PARTS SOFT’s CMS is related to insufficient verification of the authenticity of executed requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack by sending a specially crafted POST request...

6.6CVSS5.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/05/02 12:0 a.m.9 views

The vulnerability of microprogrammed software in PLANET Technology devices stems from the lack of authenticity verification for a critical function. This allows attackers to create accounts with root privileges.

The vulnerability of PLANET Technology’s microprogrammed software for switches is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability could allow a malicious actor, operating remotely, to create a user account with root privileges...

10CVSS8AI score0.00538EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.7 views

The vulnerability of the in_atomic core function in the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the inatomic kernel function in the Linux operating system is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow an attacker to cause service failures...

5.5CVSS6.5AI score0.002EPSS
Exploits0References9Affected Software3
OSV
OSV
added 2025/04/08 6:16 p.m.4 views

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

6CVSS7.3AI score0.00385EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/01 12:0 a.m.7 views

The vulnerability of the OBN component of the SAP NetWeaver Enterprise Portal software integration platform lies in the lack of authenticity verification for a critical function. This allows attackers to circumvent existing security restrictions.

The vulnerability of the OBN component in the SAP NetWeaver Enterprise Portal software integration platform is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions remotely...

5.3CVSS5.5AI score0.00281EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/11 12:0 a.m.7 views

PT-2025-10794 · Zoom · Zoom Workplace Apps

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps affected versions not specified Description: Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access. Recommendations: At...

7.5CVSS7AI score0.00231EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/03/03 12:0 a.m.6 views

The vulnerability of the organization’s software and management tools for personal and corporate notes in Notes Station, when used with QNAP network storage devices. This vulnerability stems from the lack of authenticity verification for a critical function, allowing attackers to execute arbitrary code.

The vulnerability of the organization’s software for managing personal and corporate notes in Notes Station, when used with QNAP network storage systems, stems from the lack of authenticity verification for a critical function. Exploiting this vulnerability could allow an attacker operating...

7.5CVSS5.9AI score0.00933EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.12 views

The vulnerability of the software for updating Intel Driver & Support Assistant (DSA) stems from insufficient verification of data authenticity, allowing attackers to exploit their privileges.

The vulnerability of the Intel Driver & Support Assistant software for updating drivers is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS5.5AI score0.00128EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/02/12 9:19 p.m.17 views

CVE-2024-39805

Insufficient verification of data authenticity in some IntelR DSA software before version 23.4.39 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS0.00128EPSS
Exploits0References1
NVD
NVD
added 2025/02/07 2:15 p.m.47 views

CVE-2025-1108

Insufficient data authenticity verification vulnerability in Janto, versions prior to r12. This allows an unauthenticated attacker to modify the content of emails sent to reset the password. To exploit the vulnerability, the attacker must create a POST request by injecting malicious content into...

8.6CVSS0.00203EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/07 12:0 a.m.5 views

PT-2025-5973 · Janto · Janto

Name of the Vulnerable Software and Affected Versions: Janto versions prior to r12 Description: The issue concerns an insufficient data authenticity verification vulnerability. This vulnerability allows an unauthenticated attacker to modify the content of emails sent to reset the password. To...

8.6CVSS6.5AI score0.00203EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.6 views

The vulnerability of the software platform interface for managing network infrastructure, Versa Director, allows a perpetrator to disclose protected information.

The vulnerability of the software platform interface for managing network infrastructure Versa Director is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information by sendin...

7.1CVSS6.6AI score0.00509EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.9 views

The vulnerability of Veeam Backup & Replication’s protection mechanism for cloud, virtual, and physical systems lies in its ability to allow unauthorized access to read, modify, or delete data stored in memory. This vulnerability enables attackers to gain unauthorized access to these data.

The vulnerability of Veeam Backup & Replication’s protection for cloud, virtual, and physical systems stems from the restoration of unreliable data in memory due to the lack of authenticity verification for a critical function. Exploiting this vulnerability can allow an attacker operating remotel...

7.5CVSS7.1AI score0.1513EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder