CodeIgniter 数据伪造问题漏洞

CodeIgniter is an open source web framework written in PHP. CodeIgniter is vulnerable to a data forgery issue. An attacker exploits this vulnerability to spoof its IP address...

PAX Technology A930 数据伪造问题漏洞

The PAX Technology A930 is an Android mobile payment terminal from China-based PAX Technology. The PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version suffers from a Data Forgery Issue vulnerability that originates from allowing a root-privileged attacker to install an unsigned...

BigBlueButton 数据伪造问题漏洞

BigBlueButton is an open source web conferencing system from the BigBlueButton community. A data forgery issue vulnerability exists in BigBlueButton versions prior to 2.4.3, which stems from being bound by insufficient data authenticity validation, resulting in a denial of service...

Tendermint 数据伪造问题漏洞

Tendermint is a Byzantine Fault Tolerant BFT style middleware from Tendermint Corporation. A data forgery issue vulnerability exists in versions of Tendermint prior to 0.28.0, which stems from a potential attack that includes verification via incorrect cryptographic signatures and affects anyone...

Hewlett Packard Enterprise OneView 数据伪造问题漏洞

Hewlett Packard Enterprise OneView is a software from Hewlett Packard Enterprise that facilitates automated device management for IT departments. Hewlett Packard Enterprise OneView has a security vulnerability that stems from inadequate validation of data authenticity vulnerabilities in hybrid...

Certifi 数据伪造问题漏洞

Certifi is a Python SSL certificate from Certifi Open Source. A data forgery vulnerability exists in Certifi versions 2017.11.05 through 2022.12.07, which can be exploited by an attacker to remove the root certificate from the root store "TrustCor"...

immudb data forgery problem vulnerability

Immudb is a database with built-in cryptographic proof and authentication. A data forgery issue vulnerability exists in codenotary immudb versions prior to 1.4.1, which stems from a client SDK that does not validate the UUID and can accept any value reported by the server, which can be exploited ...

immudb 数据伪造问题漏洞

immudb is a CodeNotary open source immutable database based on zero-trust, SQL and key-value, tamper-resistant, data change history . immudb version 1.4.1 before there is a data forgery problem vulnerability , the vulnerability stems from a malicious server can provide false proof , the client SD...

immudb 数据伪造问题漏洞

Immudb is a database with built-in cryptographic proof and authentication. A data forgery issue vulnerability exists in codenotary immudb versions prior to 1.4.1, which stems from a client SDK that does not validate the UUID and can accept any value reported by the server, which can be exploited ...

Palo Alto Networks Cortex Xsoar 数据伪造问题漏洞

Palo Alto Networks Cortex Xsoar is a Security Orchestration Automation and Response Soar platform from Palo Alto Networks, USA. Palo Alto Networks Cortex Xsoar suffers from a data forgery issue vulnerability that originates from a local elevation of privilege PE, which allows a local attacker wit...

Citrix Gateway和Citrix ADC 数据伪造问题漏洞

Citrix Systems Citrix Gateway Citrix Systems NetScaler Gateway and Citrix ADC are both products of Citrix Systems, Inc.Citrix Gateway is a secure remote access solution. The product provides administrators with application-level and data-level controls to enable users to remotely access...

ETIC Telecom Remote Access Server 数据伪造问题漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to maintain automated equipment remotely. A data forgery vulnerability exists in ETIC Telecom Remote Access Server RAS version 4.5.0 and prior versions,...

Schneider Electric EcoStruxure Operator Terminal Expert 数据伪造问题漏洞

Schneider Electric EcoStruxure Operator Terminal Expert is a touch screen configuration software from Schneider Electric, France. This software support is mainly used for creating and editing touch applications. A data forgery vulnerability exists in Schneider Electric EcoStruxure Operator Termin...

Schneider Electric EcoStruxure Operator Terminal Expert 数据伪造问题漏洞

Schneider Electric EcoStruxure Operator Terminal Expert is a touch screen configuration software from Schneider Electric, France. This software support is mainly used for creating and editing touch applications. A data forgery vulnerability exists in Schneider Electric EcoStruxure Operator Termin...

Apple macOS 数据伪造问题漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. Apple macOS suffers from a data forgery vulnerability, which arises from an application that may be able to bypass code signature checks...

Robustel R1510 数据伪造问题漏洞

The Robustel R1510 is an industrial VPN router from the Chinese company Robustel. The Robustel R1510 version 3.1.16 and version 3.3.0 are vulnerable to a data forgery issue. An attacker can exploit this vulnerability to update arbitrary firmware...

node-saml 数据伪造问题漏洞

node-saml is a SAML library that does not depend on any framework running in Node.js. A data forgery issue vulnerability exists in versions prior to node-saml 4.0.0-beta.5, which can be exploited by an attacker to bypass SAML authentication on a website using passport-saml...

Passport-SAML 数据伪造问题漏洞

Passport-SAML is the SAML 2.0 authentication provider for Passport, the Node.js authentication library. Passport-SAML suffers from a data forgery issue vulnerability that stems from the fact that a remote attacker can use passport-saml to bypass SAML authentication on a website...

Grafana 数据伪造问题漏洞

Grafana is Grafana Labs open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. Grafana has a data forgery problem vulnerability. An attacker exploits this vulnerability to use...

Cisco Enterprise NFV Infrastructure Software 数据伪造问题漏洞

Cisco Enterprise NFV Infrastructure Software NFVIS is a suite of NVF infrastructure software platforms from Cisco. The platform enables full lifecycle management of virtualized services through a central orchestrator and controller. Cisco Enterprise NFV Infrastructure Software is vulnerable to a...