Homee Brain Cube 数据伪造问题漏洞

Homee Brain Cube is a smart home central control unit from Homee, Germany. A security vulnerability exists in the homee Brain Cube v2, which stems from insufficient validation of the firmware image file and could lead to code execution on the device...

Huawei Manageone 数据伪造问题漏洞

Huawei Manageone, a cloud data center management solution from Huawei of China, suffers from a denial-of-service vulnerability that could be exploited by attackers to cause certain service anomalies...

Apple watchOS 数据伪造问题漏洞

Apple watchOS is an operating system for smartwatches from Apple. A data forgery vulnerability exists in watchOS, which stems from improper signature verification in the AppleMobileFileIntegrity component. The following products and versions are affected: watchOS: 7.0 18R382, 7.0.1 18R395, 7.0.2...

UPnP 数据伪造问题漏洞

UPnP is a Universal Plug and Play protocol from the Open Connectivity Foundation. A data forgery vulnerability exists in Portable SDK version 1.14.6 and later in UPnP Devices because it does not check the value of the "host" header...

Luke Jordan Grassroot Platform 数据伪造问题漏洞

Luke Jordan grassroot-platform is an open source application by Luke Jordan. An application that makes it faster, cheaper and easier to sustainably organize and mobilize people in low-income communities. A security vulnerability exists in Luke Jordan Grassroot Platform that allows for the forgery...

Mozilla Thunderbird 数据伪造问题漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. A denial of service vulnerability exists in Mozilla Thunderbird, which can be exploited b...

UnionPay Data Forgery Issue Vulnerability

UnionPay is an application system of China UnionPay Corporation UnionPay. A data forgery issue vulnerability exists in UnionPay for android versions prior to 3.4.93.4.9, which stems from not properly verifying cryptographic signatures, and can be exploited by an attacker to make free purchases on...

Terrafrost phpseclib data forgery issue vulnerability

Terrafrost phpseclib is a Terrafrost open source application. pure PHP implementation of the MIT license. A data forgery issue vulnerability exists in Terrafrost phpseclib versions prior to 2.0.31 and 3.x series versions prior to 3.0.7, which stems from incorrectly handling the RSA PKCS.No detail...

UnionPay android 数据伪造问题漏洞

UnionPay is an application system of China UnionPay Corporation UnionPay. A data forgery issue vulnerability exists in UnionPay for android versions prior to 3.4.93.4.9, which stems from not properly verifying cryptographic signatures, and can be exploited by an attacker to make free purchases on...

Terrafrost phpseclib 数据伪造问题漏洞

Terrafrost phpseclib is a Terrafrost open source application. pure PHP implementation of the MIT license. A data forgery issue vulnerability exists in Terrafrost phpseclib versions prior to 2.0.31 and 3.x series versions prior to 3.0.7, which stems from incorrectly handling the RSA PKCS.No detail...

Cisco IOS XE 数据伪造问题漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE Software suffers from a Data Forgery Issue vulnerability that stems from...

Red Hat libdnf 数据伪造问题漏洞

Red Hat libdnf is an application from Red Hat USA. provides a library that provides a simplified C and Python API for libsolv. A data forgery vulnerability exists in libdnf, which arises from the signature feature allowing an attacker to achieve code execution...

Red Hat Package Manager 数据伪造问题漏洞

Red Hat Package Manager is a packaging and installation tool for Internet downloadable packages from Red Hat USA. It is included in some Linux distributions. It generates files with the .RPM extension. It is similar to Dpkg. Red Hat Package Manager suffers from a data forgery issue vulnerability...

Red Hat Package Manager 数据伪造问题漏洞

Red Hat Package Manager is a packaging and installation tool for Internet downloadable packages from Red Hat. It is included in some Linux distributions. It generates files with the .RPM extension. Similar to Dpkg. Red Hat Package Manager suffers from a Data Forgery Problem vulnerability that...

Cisco SD-WAN vEdge Router 数据伪造问题漏洞

The Cisco SD-WAN vEdge Routers is a router from Cisco USA. The device provides basic WAN, security, and multi-cloud capabilities for Cisco SD-WAN solutions. The Cisco SD-WAN vEdge Router suffers from a Data Forgery Issue vulnerability, which can be exploited by an attacker to escalate his...

Prisma Cloud Compute Data Forgery Issue Vulnerability

A data forgery issue vulnerability exists in Prisma Cloud Compute that arises from a network system or product that does not adequately validate the origin or authenticity of data. An attacker could exploit the falsified data to conduct an attack...

Multiple Cisco Products Data Forgery Issue Vulnerabilities

The Cisco 8000 Series Router and the Cisco Network Convergence System 540 Series Routers are both router devices from Cisco USA. A data forgery issue vulnerability exists in Cisco IOS XR on multiple Cisco routers. The vulnerability is caused due to an unlocked version of the GRUB bootloader on th...

Multiple Cisco Products Data Forgery Issue Vulnerabilities

The Cisco 8000 Series Router and the Cisco Network Convergence System 540 Series Routers are both router devices from Cisco USA. A data forgery vulnerability exists in Cisco IOS XR on multiple Cisco routers. The vulnerability is due to an unsigned script in the ISO that is verified without...

GNOME Evolution Data Forgery Issue Vulnerability

GNOME Evolution is a suite of email client programs for the Gnome desktop environment for Linux. The program provides Email, calendar, meeting scheduling, contact management, and other features. A data forgery issue vulnerability exists in GNOME Evolution through 3.38.3, which stems from Evolutio...

Github Monal Data Falsification Issue Vulnerability

Github Monal is a cross-platform modern XMPP client for iOS and macOS. Monal before 4.9 suffers from a data forgery issue vulnerability that stems from not properly validating the sender of results. An attacker can use this vulnerability to inject arbitrary messages into local history and take fu...