55 matches found
The vulnerability of the Open vSwitch (OvS) multi-level switch lies in insufficient data authentication, which allows attackers to redirect ICMPv6 traffic to arbitrary IP addresses.
The vulnerability of the Open vSwitch OvS multi-level switch lies in insufficient verification of data authenticity. Exploiting this vulnerability allows an attacker to redirect ICMPv6 traffic to arbitrary IP addresses...
ROS-20240410-20
A vulnerability in e-Tugra root certificates of SSL Certifi's SSL certificate validation package is related to with insufficient data authentication. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...
ROS-20240410-25
A vulnerability in e-Tugra root certificates of SSL Certifi's SSL certificate validation package is related to with insufficient data authentication. Exploitation of the vulnerability could allow an attacker, acting remotely to execute a man-in-the-middle attack...
ROS-20240408-16
A vulnerability in SendMail SMTP Server software is related to insufficient data authentication data. Exploitation of the vulnerability could allow a remote attacker to bypass the security mechanism and inject e-mail messages with a spoofed MAIL FROM address. security mechanism and inject e-mail...
BIT-PYTHON-2023-40217
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...
PT-2023-9182 · Trend Micro · Trend Micro Apex One
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: The issue is related to insufficient data authentication in the Trend Micro Apex One security agent, which could allow a local attacker to escalate privileges on affected...
Amazon Linux AMI : python27 (ALAS-2023-1876)
The version of python27 installed on the remote host is prior to 2.7.18-2.148. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1876 advisory. An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It...
The vulnerability of the BIG-IP Edge installer client for macOS against software tools from BIG-IP (such as APM and APM Clients) allows attackers to increase their privileges.
The vulnerability of the BIG-IP Edge installer’s client for macOS, which relies on software tools like BIG-IP APM and APM Clients, is related to insufficient data authentication checks. Exploiting this vulnerability can allow attackers to increase their privileges...
PT-2023-9181 · Trend Micro · Trend Micro Apex One
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: The issue is related to insufficient data authentication in the Trend Micro Apex One security agent, allowing a local attacker to escalate privileges on affected installations...
The vulnerability of the Zoom Desktop for Windows video conferencing software in relation to insufficient data authentication checks allows attackers to exploit their privileges.
The vulnerability of the Zoom Desktop for Windows video conferencing software-related software lies in insufficient verification of data authenticity. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
CVE-2023-40217
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...
PT-2023-4166 · 3S Smart Software Solutions · Codesys Development System
Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.11.20 through 3.5.19.20 Description: The issue is related to insufficient data authentication in the CODESYS Development System, which may allow a remote attacker to modify the content of notifications...
The vulnerabilities of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Honeywell Experion LX measurement and control controllers, and the Experion PlantCruise distribution control system allow a intruder to gain unauthorized access to protected information.
The vulnerabilities of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Honeywell Experion LX measurement and control controllers, and the Experion PlantCruise distribution control system are related to insufficient data authentication checks. Exploiting these...
OpenSSL 3.0.0 < 3.0.10 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.0.10. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.10 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functio...
PT-2023-3878 · Honeywell · Honeywell Experion Pks +2
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS affected versions not specified Honeywell Experion LX affected versions not specified Experion PlantCruise affected versions not specified Description: The issue is related to insufficient data authentication in the...
WordPress Plugin uListing 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin uListing suffers from a...
The vulnerability of the SSH network protocol implementation in microprogrammable industrial network interfaces SCALANCE SC622-2C, SC626-2C, SC632-2C, SC636-2C, SC642-2C, and SC646-2C arises from insufficient data authentication checks. This allows attackers to trigger service failures.
The vulnerability of the SSH network protocol implementation in microprogrammable industrial network interfaces such as SCALANCE SC622-2C, SC626-2C, SC632-2C, SC636-2C, SC642-2C, and SC646-2C is related to insufficient resource control during their lifespan. Exploiting this vulnerability could...
The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller), as well as Citrix Gateway access control systems (formerly known as Citrix NetScaler Gateway), stems from insufficient verification of data authenticity. This allows attackers to gain access to servers configured in RDP proxy mode.
The vulnerability of Citrix ADC application delivery controllers formerly known as Citrix NetScaler Application Delivery Controller and Citrix Gateway access control systems formerly known as Citrix NetScaler Gateway is related to insufficient data authentication checks. Exploiting this...
Authorization
Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link...
PT-2022-6382 · Nvidia · Nvidia Geforce +5
Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows affected versions not specified NVIDIA GeForce, Studio, RTX/Quadro, NVS, and Tesla affected versions not specified Description: The issue is related to insufficient data authentication, which may allow an...