Snow Software Inventory Agent Data Forgery Issue Vulnerability

Snow Software Inventory Agent is an agent program from Snow Software of Sweden. Snow Software Inventory Agent is vulnerable to a data forgery issue that stems from incorrect cryptographic signature validation that allows file manipulation via update packages...

IBM Security Access Manager Data Forgery Issue Vulnerability

IBM Security Access Manager is a product for information security management applications from International Business Machines IBM. The product enables access management control through integrated appliances for web, mobile and cloud computing. IBM Security Access Manager is vulnerable to a data...

Hyperledger Aries Cloud Agent Python Data Forgery Issue Vulnerability

Hyperledger Aries Cloud Agent Python is a tool for building the foundation of decentralized identity applications and services that run in non-mobile environments. A data forgery issue vulnerability exists in Hyperledger Aries Cloud Agent Python versions prior to 0.7.0, which stems from a data...

Honor Magic Ui Data Forgery Issue Vulnerability

Honor Magic Ui is an Android-based mobile operating system developed by Chinese company Honor. A security vulnerability exists in Honor Magic Ui, which stems from the presence of a signature management vulnerability, the successful exploitation of which may result in a forged system file...

Honor NTH-AN00 Data Forgery Issue Vulnerability

The Honor NTH-AN00 Honor 50 is a smartphone from the Chinese company Honor. The Honor NTH-AN00 suffers from a security vulnerability that stems from a signature management vulnerability, successful exploitation of which could result in a forged system file overwriting a correct system file...

Honor NTH-AN00 Data Forgery Issue Vulnerability

The Honor NTH-AN00 Honor 50 is a smartphone from the Chinese company Honor. The Honor NTH-AN00 suffers from a security vulnerability that stems from a signature management vulnerability, successful exploitation of which could result in a forged system file overwriting a correct system file...

Honor NTH-AN00 Data Forgery Issue Vulnerability

The Honor NTH-AN00 Honor 50 is a smartphone from the Chinese company Honor. The Honor NTH-AN00 suffers from a security vulnerability that stems from a signature management vulnerability, successful exploitation of which could result in a forged system file overwriting a correct system file...

Honor Magic Ui Data Forgery Issue Vulnerability

Honor Magic Ui is an Android-based mobile operating system developed by Chinese company Honor. A security vulnerability exists in Honor Magic Ui, which stems from a signature management vulnerability that can be successfully exploited to cause a forged system file to overwrite a correct system fi...

sendmail Data Forgery Issue Vulnerability

sendmail is sendmail open source a multi-purpose, multi-protocol support cross-network e-mail sending agent software. A data forgery issue vulnerability exists in sendmail 8.14.7 and earlier versions, which stems from a vulnerability that allows an attacker to bypass the SPF protection mechanism...

Postfix Data Forgery Issue Vulnerability

Postfix is an open source mail transfer agent. A data forgery issue vulnerability exists in versions prior to Postfix 3.8.4, which stems from a vulnerability that allows an attacker to bypass the SPF protection mechanism for SMTP smuggling...

h2o data forgery problem vulnerability

h2o is a new generation of HTTP server. Not only is it very fast compared to older generation HTTP servers, but it also provides faster response to end users. A data forgery issue vulnerability exists in h2o 2.3.0-beta2 and earlier versions, which arises from an opportunity for a malicious backen...

Electron Data Forgery Issue Vulnerability

Electron is a personal developer of a user to write cross-platform desktop application JavaScript framework. The framework is based on nodejs and Chromium and can be used to write cross-platform desktop applications using HTML and CSS. Electron suffers from a data forgery vulnerability that can b...

xml-security Data Forgery Issue Vulnerability

xml-security is SimpleSAMLphp open source library. xml-security version 1.6.11, saml2 5.0.0-alpha.13 version of the data forgery problem vulnerability , the vulnerability stems from the XML signature validation needs to verify that the hash value of the XML document in question matches a specific...

Misskey Data Falsification Issue Vulnerability

Misskey is a suite of micro-blogging platforms. Misskey 2023.11.0 and prior versions suffer from a Data Forgery Issue vulnerability that stems from a lack of signature validation and allows an arbitrary user to impersonate any remote user...

AsyncSSH Data Forgery Issue Vulnerability

AsyncSSH is a Python package that provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. A data forgery issue vulnerability exists in AsyncSSH v2.14.0 and earlier versions, which stems from a vulnerability that allows an attacker to...

Weak Encryption

Crypto-es is vulnerable to Insecure Hashing Algorithm. The vulnerability is present because the library uses the cryptographically weak sha1 algorithm by default. This weakness allows an attacker to potentially forge data, certificates, or digital signatures, which could lead to unauthorized acce...

Insecure Hashing Algorithm

crypto-js is vulnerable to Insecure Hashing Algorithm. The vulnerability is present because the library uses the cryptographically weak sha1 algorithm by default. This weakness allows an attacker to potentially forge data, certificates, or digital signatures, which could lead to unauthorized acce...

Apache InLong Data Forgery Issue Vulnerability

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. Apache InLong versions 1.4.0 through 1.8.0 are vulnerable to a data forgery issue that arises from a networked system or product th...

Apache InLong 数据伪造问题漏洞

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. Apache InLong versions 1.4.0 through 1.8.0 are vulnerable to a data forgery issue that arises from a networked system or product th...

Fortinet FortiAnalyzer Data Forgery Issue Vulnerability

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...