Apache OpenOffice 数据伪造问题漏洞

Apache OpenOffice is an open source office software suite from the Apache Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, etc. Apache OpenOffice is vulnerable to a data forgery issue in versions prior to 4.1.10, which stems from a networked...

Apache OpenOffice 数据伪造问题漏洞

Apache OpenOffice is the United States Apache Apache Foundation's an open source office software suite . The suite contains text documents, spreadsheets, presentations, drawings, databases, and more. Versions of Apache OpenOffice prior to 4.1.10 are vulnerable to data forgery issues, which can be...

Lcobucci jwt 数据伪造问题漏洞

Jwt is a simple library that uses Json Web Token and Json Web Signature. Lcobucci jwt is vulnerable to a data forgery issue that stems from a failure to validate data in the product based on the hmac algorithm using a file path as a hash key to validate the token. An attacker could initiate a...

Zoho Corporation ADManager Plus 数据伪造问题漏洞

ZOHO ManageEngine ADManager Plus is an Active Directory AD management and reporting solution from Zoho, Inc. ZOHO ManageEngine ADManager Plus 7110 and earlier versions are vulnerable to an authorization issue that could be exploited by an attacker to take over an account via SSO...

Mcafee McAfee Agent 数据伪造问题漏洞

Mcafee McAfee Agent MA is a Mcafee client component that provides secure communication between ePolicy Orchestrator antivirus management platform and managed products. A Data Forgery Issue vulnerability previously existed in McAfee Agent for Windows version 5.7.4, which could allow a local user t...

Enbra Ewm Data Forgery Issue Vulnerability

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses a radio to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a data forgery issue in version 1.7.29, which stems from the fact that the software does not check for or detect replay...

Enbra Ewm数据伪造问题漏洞

Enbra Ewm is a universal reading device from the Czech company Enbra. It uses a radio to read water meters, heating cost indicators and heat meters. Enbra EWM is vulnerable to a data forgery issue in version 1.7.29, which stems from the fact that the software does not check for or detect replay...

Migration Toolkit For Containers 数据伪造问题漏洞

Red Hat Migration Toolkit For Containers Mtc is a container migration toolkit from Red Hat, Inc. It is used to provide a web console and Api based on Kubernetes custom resources to help control migration and minimize application downtime. Migration Toolkit For Containers is vulnerable to a data...

Cisco NCS 540 数据伪造问题漏洞

The Cisco NCS 540 is a router from Cisco USA. The Cisco NCS 540 Series Routers contain a data forgery issue vulnerability that could be exploited by an authenticated, local attacker to execute arbitrary code on the underlying operating system...

Palo Alto Cortex XSOAR 数据伪造问题漏洞

Palo Alto Cortex XSOAR is a software application from Palo Alto, Inc. It provides a security orchestration, automation and response platform with threat intelligence management and a built-in marketplace. A security vulnerability exists in Palo Alto Cortex XSOAR, which can be exploited by attacke...

Cisco IOS XR 数据伪造问题漏洞

Cisco IOS XR is an operating system developed by Cisco for its network devices. A data forgery vulnerability exists in Cisco IOS XR Software that could allow an authenticated, remote attacker to overwrite and read files on an arbitrary local device...

Rob The Bank 数据伪造问题漏洞

Rob The Bank is a music website. Rob The Bank suffers from a data forgery issue vulnerability that stems from the lack of destination address validation in the BurnMe function in Rob The Bank version 1.0, which allows an attacker to steal tokens from victimized users via a carefully crafted scrip...

GNU Inetutils数据伪造问题漏洞

GNU Inetutils is a common set of network programs in the GNU community. A security vulnerability exists in versions of GNU Inetutils prior to 2.2, which stems from a client not validating the addresses returned in a PASV/LSPV response to ensure that they match the server address...

Cisco Nexus 9000 Series Fabric Switches 数据伪造问题漏洞

The Cisco Nexus 9000 Series Fabric Switches is a 9000 Series Fiber Optic Switch from Cisco. The Cisco Nexus 9000 Series Fabric Switches are vulnerable to a data forgery issue that arises from TCP traffic sent to a specific port on an affected device that is not properly sanitized. The vulnerabili...

Nvidia Caffe Data Forgery Issue Vulnerability

Nvidia Caffe is a deep learning framework from Nvidia Corporation. versions prior to Nvidia Caffe 0.17.4 are vulnerable to a data forgery issue, which can be exploited by attackers to distribute malicious files to pypi.org, causing users to install the files in NVCaffe...

Nvidia Caffe 数据伪造问题漏洞

Nvidia Caffe is a deep learning framework from Nvidia Corporation. versions prior to Nvidia Caffe 0.17.4 are vulnerable to a data forgery issue, which can be exploited by attackers to distribute malicious files to pypi.org, causing users to install the files in NVCaffe...

Eclipse Californium 数据伪造问题漏洞

Eclipse Californium is a Java-based codebase from the Eclipse Foundation that provides Coap backend support for the Internet of Things. A data forgery vulnerability exists in Eclipse Californium, which arises when the product on the client side does not validate certificates from the server side...

Cisco Expressway Series和Cisco TelePresence Video Communication Server 数据伪造问题漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

wolfSSL 数据伪造问题漏洞

Wolfssl CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from Wolfssl, Inc. in the United States. A security vulnerability exists in wolfSSL that stems from incorrectly skipping OCSP validation under certain circumstances containing extraneous...

Dell Command Update 数据伪造问题漏洞

Dell Command Update is a tool from Dell USA used to automatically update drivers, BIOS and firmware in Dell products. A data forgery vulnerability exists in Dell Command Update, Dell Update, and Alienware Update 4.3 and earlier versions. An attacker could exploit this vulnerability to modify loca...