Lucene search
K

743 matches found

Cvelist
Cvelist
added 2022/03/18 5:59 p.m.21 views

CVE-2021-4031 Syltek Insufficient Verification of Data Authenticity

Syltek application before its 10.22.00 version, does not correctly check that a product ID has a valid payment associated to it. This could allow an attacker to forge a request and bypass the payment system by marking items as payed without any verification...

7.5CVSS7.7AI score0.00457EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/02/28 12:0 a.m.6 views

The vulnerability of BIOS microprogramming systems in Dell laptops, related to insufficient verification of data authenticity, allows attackers to gain unauthorized access to protected information.

The vulnerability of BIOS microprogramming systems in Dell laptops is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

4.7CVSS5.9AI score0.00138EPSS
Exploits0References3Affected Software211
CNVD
CNVD
added 2022/02/13 12:0 a.m.30 views

Dell Client Commercial Data Forgery Issue Vulnerability

Dell Client Commercial is a line of workstation equipment from Dell, Inc. The Dell Client Commercial has a security vulnerability that stems from the device's susceptibility to an insufficient data authentication vulnerability. An authenticated attacker could use this vulnerability to install...

5.1CVSS5.2AI score0.00138EPSS
Exploits0References1
NVD
NVD
added 2022/02/09 8:15 p.m.28 views

CVE-2022-22567

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware...

5.1CVSS0.00138EPSS
Exploits0References1
OSV
OSV
added 2022/02/09 8:15 p.m.4 views

CVE-2022-22567

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware...

5.1CVSS5.8AI score0.00138EPSS
Exploits0References1
Prion
Prion
added 2022/02/09 8:15 p.m.18 views

Design/Logic Flaw

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware...

3.6CVSS5.1AI score0.00138EPSS
Exploits0References1Affected Software214
CVE
CVE
added 2022/02/09 8:0 p.m.111 views

CVE-2022-22567

CVE-2022-22567 affects Dell Client Commercial (and Consumer) platforms and is caused by insufficient verification of data authenticity, enabling an authenticated attacker to install modified BIOS firmware. The connected records confirm the vulnerability targets Dell client platforms and involve B...

5.1CVSS5AI score0.00138EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/09 12:0 a.m.8 views

The vulnerability of the Samba network file system, related to insufficient verification of data authenticity, allows a perpetrator to cause service interruptions.

The vulnerability of the Samba network file system is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.5CVSS7.3AI score0.01301EPSS
Exploits0References9Affected Software6
ATTACKERKB
ATTACKERKB
added 2022/02/07 12:0 a.m.7 views

CVE-2022-22567

Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware...

5.1CVSS6.1AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/13 12:0 a.m.3 views

cryptsetup 数据伪造问题漏洞

Cryptsetup is a utility to easily set up disk encryption based on the DMCrypt kernel module. A security vulnerability exists in cryptsetup that stems from the software's lack of effective validation of data authenticity. A specially crafted LUKS header can trick cryptsetup into disabling encrypti...

4.3CVSS7AI score0.0028EPSS
Exploits0References20
BDU FSTEC
BDU FSTEC
added 2021/12/17 12:0 a.m.4 views

The vulnerability in the implementation of the SDP service for the Bluetooth protocol stack for the Linux BlueZ operating system allows a attacker to disclose protected information.

The vulnerability of the SDP service implementation for the Bluetooth protocol stack for the Linux BlueZ operating system is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information...

6.5CVSS6.5AI score0.00936EPSS
Exploits1References7Affected Software4
Cvelist
Cvelist
added 2021/12/08 12:1 p.m.13 views

CVE-2021-26103

An insufficient verification of data authenticity vulnerability CWE-345 in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-sit...

6.3CVSS9AI score0.00422EPSS
Exploits0References1
Fortinet
Fortinet
added 2021/12/07 12:0 a.m.31 views

Protect

An insufficient verification of data authenticity vulnerability CWE-345 in the user interface of FortiProxy and FortiGate SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery CSRF attack . Only SSL VPN in web mode or full mode are impacted by this...

5.1CVSS8.4AI score0.00422EPSS
Exploits0Affected Software2
OSV
OSV
added 2021/11/10 10:15 p.m.16 views

CVE-2020-23906

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service DoS via a crafted audio file due to insufficient verification of data authenticity...

5.5CVSS6.6AI score
Exploits0References1
OSV
OSV
added 2021/11/10 10:15 p.m.2 views

DEBIAN-CVE-2020-23906

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service DoS via a crafted audio file due to insufficient verification of data authenticity...

5.5CVSS6.4AI score0.00355EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2021/11/10 10:15 p.m.26 views

CVE-2020-23906

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service DoS via a crafted audio file due to insufficient verification of data authenticity...

5.5CVSS6.7AI score0.00355EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2021/11/10 9:26 p.m.38 views

CVE-2020-23906

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service DoS via a crafted audio file due to insufficient verification of data authenticity...

5.5CVSS5.2AI score0.00355EPSS
Exploits1
CNNVD
CNNVD
added 2021/11/10 12:0 a.m.4 views

FFmpeg 数据伪造问题漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg Ffmpeg team. FFmpeg N-98388-g76a3ee996b contains a security vulnerability that could be exploited by an attacker to cause a denial of service DoS via a crafted audio file due to insufficient...

5.5CVSS7.7AI score0.00355EPSS
Exploits1References2
CNVD
CNVD
added 2021/10/31 12:0 a.m.9 views

HarmonyOS Security Bypass Vulnerability (CNVD-2021-87048)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security bypass vulnerability exists in HarmonyOS versions prior to 2.0, where a component of HarmonyOS does not adequately validate data authenticity...

5.5CVSS6.6AI score0.00105EPSS
Exploits0References1
OSV
OSV
added 2021/10/28 1:15 p.m.3 views

CVE-2021-22460

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References1
Rows per page
Query Builder