Rancher 数据伪造问题漏洞

Rancher is an open source container management platform from the US-based Rancher Open Source, built for organizations deploying containers in production environments. Rancher suffers from a Data Forgery Issue vulnerability that stems from a flaw in the SAML authentication protocol that could lea...

Rapid7 AppSpider Pro 数据伪造问题漏洞

Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A data forgery issue vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.021, which stems from insufficient project nam...

matrix-js-sdk 数据伪造问题漏洞

matrix-js-sdk is an application component of Matrix open source. A data forgery issue vulnerability exists in matrix-js-sdk versions prior to 38.2.0, which stems from insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, which could lead to an attacker replacing a...

Cisco IOS XR Data Forgery Issue Vulnerability (CNVD-2025-21252)

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from a data forgery vulnerability that arises from incomplete file validation during installation, which can be exploited by an attacker to cause unsigned...

Cisco IOS XR 数据伪造问题漏洞

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from a data forgery vulnerability that arises from incomplete file validation during installation, which can be exploited by an attacker to cause unsigned...

Belkin AX1800 数据伪造问题漏洞

The Belkin AX1800 is a wireless router from Belkin Canada. A data forgery issue vulnerability exists in the Belkin AX1800 version 1.1.00.016, which stems from insufficient validation of data authenticity and could lead to remote attacks...

gnark 数据伪造问题漏洞

gnark is a fast zk-SNARK library open-sourced by Consensys. for advanced APIs to design circuits. A data forgery issue vulnerability exists in versions prior to gnark 0.14.0, which stems from incomplete signature verification and could lead to signature malleability attacks...

Microsoft Windows Certificates 数据伪造问题漏洞

Microsoft Windows Certificates is a digital certificate software from Microsoft Corporation USA. A data forgery vulnerability exists in Microsoft Windows Certificates that stems from improper cryptographic signature verification and could lead to spoofing attacks...

Tenda AC15 Data Forgery Issue Vulnerability

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol and is mainly designed for home network environment. Tenda AC15 is vulnerable to a data forgery issue, which stems from insufficient data authenticity...

Tenda G1 数据伪造问题漏洞

Tenda G1 is an Enterprise Ap Management Router from Tenda China. A data forgery issue vulnerability exists in Tenda G1 version 16.01.7.83660, which stems from insufficient data authenticity validation of the function checkuploadfile in the firmware update processing component...

Tenda AC15 数据伪造问题漏洞

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol and is mainly designed for home network environment. Tenda AC15 is vulnerable to a data forgery issue, which stems from insufficient data authenticity...

CVE-2025-52586

The MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext without encryption or obfuscation. This vulnerability may allow an attacker with access to a local network to intercept, manipulate, replay, or forge critical data, including read/write...

CIRCL 数据伪造问题漏洞

CIRCL is a collection of cryptographic primitives written in Go open-sourced by Cloudflare. CIRCL suffers from a Data Forgery Issue vulnerability that stems from low-order point injection and improper point validation that could compromise session security...

node-saml 数据伪造问题漏洞

node-saml is a SAML library that does not depend on any framework running in Node.js. A data forgery issue vulnerability exists in Node-SAML 5.0.1 and prior versions, which stems from an unvalidated assertion document that could result in modifying authentication details in SAML assertions...

Mozilla多款产品 数据伪造问题漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source Web browser. Mozilla Thunderbird is a separate set of Mozilla Application Suite Email client software. The software supports IMAP and POP mail protocols as well as the...

Siemens TIA Administrator Data Forgery Issue Vulnerability

Siemens TIA Administrator is a management program for authorizing and licensing SIMATIC products from Siemens, Germany. A data forgery vulnerability exists in Siemens TIA Administrator, which arises from improper validation of code signing certificates and can be exploited by an attacker to bypas...

Eluktronics Control Center 数据伪造问题漏洞

Eluktronics Control Center is a control center software from Eluktronics Corporation. A data forgery issue vulnerability exists in Eluktronics Control Center version 5.23.51.41, which stems from insufficient validation of data authenticity in the REG File Handler component...

Official Clerk JavaScript SDKs 数据伪造问题漏洞

Official Clerk JavaScript SDKs is a Clerk open source official Javascript repository for Clerk authentication. A data forgery vulnerability exists in the Official Clerk JavaScript SDKs, which stems from insufficient verifyWebhook validation and may result in the acceptance of unsigned webhook...

Siemens TIA Administrator 数据伪造问题漏洞

Siemens TIA Administrator is a management program for authorizing and licensing SIMATIC products from Siemens, Germany. A data forgery vulnerability exists in Siemens TIA Administrator, which arises from improper validation of code signing certificates and can be exploited by an attacker to bypas...

Pioneer DMH-WT7600NEX 数据伪造问题漏洞

The Pioneer DMH-WT7600NEX is a multimedia digital media receiver from Pioneer. The Pioneer DMH-WT7600NEX suffers from a Data Forgery Issue vulnerability that stems from insufficient root filesystem protection, which could lead to authentication bypass...