Cisco Secure Client has a data forgery issue vulnerability

Cisco Secure Client is a software for connecting to virtual private networks from the American company Cisco Cisco. Cisco Secure Client has a data forgery issue vulnerability that stems from insufficient runtime resource validation, which can be exploited by an attacker to cause a DLL hijacking...

SimpleSAMLphp SAML2 数据伪造问题漏洞

SimpleSAMLphp SAML2 is a SAML2 PHP library from SimpleSAMLphp open source. A data forgery issue vulnerability exists in SimpleSAMLphp SAML2 version 4.17.0 and prior to version 5.0.0-alpha.20, which stems from a signature obfuscation attack in the HTTPRedirect binding that could cause an applicati...

Microsoft .NET 数据伪造问题漏洞

Microsoft .NET is a software framework from Microsoft Corporation USA dedicated to agile software development, rapid application development, platform-independence, and web transparency. A data forgery vulnerability exists in Microsoft . An attacker exploiting this vulnerability could remotely...

Samsung SmartThings 数据伪造问题漏洞

SAMSUNG SmartThings is an app for connectable smart devices from Samsung South Korea. A data forgery issue vulnerability exists in Samsung SmartThings that stems from not properly verifying cryptographic signatures, which could lead to authentication bypass...

picklescan 数据伪造问题漏洞

picklescan is a security scanning program by the individual developer Matthieu Maitre. A data forgery issue vulnerability exists in versions of picklescan prior to 0.0.23, which stems from an inability to detect a malicious pickle file with a modified ZIP file header, which could lead to arbitrar...

GE Vernova UR IED 数据伪造问题漏洞

The GE Vernova UR IED is a series of protective relays from GE Vernova, USA. A data forgery issue vulnerability exists in the GE Vernova UR IED that stems from insufficient validation of data authenticity and could result in the installation of modified firmware...

Vasion Print 数据伪造问题漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that stems from insufficient signature verification...

Kingsoft WPS Office 数据伪造问题漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functionality. A security vulnerability exists in Kingsoft WPS Office 12.1.0.18276 and prior versions, which stems from improper verification of digital signatures and could lead to the loading o...

aes-gcm 数据伪造问题漏洞

aes-gcm is a cryptographic algorithm in the aes-gcm open source. A data forgery issue vulnerability exists in aes-gcm versions prior to 0.4.3, which stems from the fact that decryption exposes the decrypted ciphertext even if the label is incorrect...

JupyterHub 数据伪造问题漏洞

JupyterHub is a JupyterHub open source multi-user server for Jupyter. A Data Forgery Issue vulnerability exists in JupyterHub version 1.3.0 that stems from LTI13Authenticator not verifying JWT signatures, which could lead to forged requests being authorized...

libsignal-service-rs 数据伪造问题漏洞

libsignal-service-rs is a libsignal service open-sourced by Whisperfish for communicating with Signal servers. A data forgery issue vulnerability exists in libsignal-service-rs that stems from an unverified synchronization message source that allows device impersonation...

Intel DSA 数据伪造问题漏洞

Intel DSA is a driver update tool from Intel Intel. It can detect user drivers, update the installed drivers to the latest version, support intel series of graphics cards, audio, network cards and chipset drivers, i-card users must. Intel DSA version prior to 23.4.39 has a data forgery issue...

eProsima Fast DDS 数据伪造问题漏洞

eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A data forgery issue vulnerability exists in eProsima Fast DDS versions prior to 3.2.0, which stems from PermissionsCAs that are not validated for full chain validation an...

Hickory DNS 数据伪造问题漏洞

Hickory DNS is a Rust-based DNS client, server, and resolver from the Hickory DNS open source. A data forgery issue vulnerability exists in Hickory DNS version 0.8.0 and earlier, which stems from the DNSSEC validation mechanism incorrectly treating DNSKEY records across RRsets as trusted, and a...

Janto Ticketing 数据伪造问题漏洞

Janto Ticketing is a ticketing software from Janto. A data forgery issue vulnerability exists in versions of Janto Ticketing prior to r12, which stems from insufficient data authenticity validation and allows an unauthorized user to change a password to reset the content of an email...

F5 BIG-IP APM 数据伪造问题漏洞

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. F5 BIG-IP APM suffers from a data forgery issue vulnerability that stems from a vulnerability that could allow an attacker to bypass endpoint...

regclient 数据伪造问题漏洞

regclient is a tool in the regclient open source. A data forgery issue vulnerability exists in versions of regclient prior to 0.7.1, which stems from the fact that a malicious registry may return a different summary of a fixed list without being detected...

Xerox Workplace Suite 数据伪造问题漏洞

Xerox Workplace Suite is a powerful print management software from Xerox. A data forgery issue vulnerability exists in Xerox Workplace Suite version 5.6.701.9, which stems from the inclusion of an email spoofing issue...

GitHub Enterprise Server 数据伪造问题漏洞

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...

AWS Cloud Development Kit 数据伪造问题漏洞

AWS Cloud Development Kit is an open source software development framework open sourced by Amazon Web Services for defining cloud infrastructure in code and configuring it via AWS CloudFormation. A data forgery vulnerability exists in AWS Cloud Development Kit, which stems from the fact that it...