Lucene search
K

743 matches found

Zero Day Initiative
Zero Day Initiative
added 2018/05/15 12:0 a.m.19 views

Adobe Acrobat Pro DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS3.4AI score0.10546EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/03/09 12:0 a.m.36 views

Adobe Acrobat Reader 2017 Security Updates (APSB17-24) - Windows

Adobe Acrobat Reader 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.9AI score0.27071EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2018/03/09 12:0 a.m.31 views

Adobe Acrobat 2017 Security Updates (APSB17-24) - Mac OS X

Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...

10CVSS8.9AI score0.27071EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2018/03/09 12:0 a.m.32 views

Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-24) - Mac OS X

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.9AI score0.27071EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2018/03/09 12:0 a.m.21 views

Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-24) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.9AI score0.27071EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2018/03/09 12:0 a.m.53 views

Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB17-24) - Mac OS X

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS9AI score0.27071EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2018/03/09 12:0 a.m.31 views

Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB17-24) - Windows

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS9AI score0.27071EPSS
Exploits5References1
Core Security
Core Security
added 2018/02/21 12:0 a.m.559 views

Trend Micro Email Encryption Gateway Multiple Vulnerabilities

1. Advisory Information Title: Trend Micro Email Encryption Gateway Multiple Vulnerabilities Advisory ID: CORE-2017-0006 Advisory URL:http://www.coresecurity.com/core-labs/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities Date published: 2018-02-21 Date of last update:...

10CVSS9.3AI score0.10813EPSS
Exploits16
Zero Day Initiative
Zero Day Initiative
added 2017/08/08 12:0 a.m.34 views

Adobe Reader DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS3.5AI score0.05807EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2016/03/11 12:0 a.m.51 views

Samsung SW Update Tool 2.2.5.16 Man-In-The-Middle

Advisory Information Title: Samsung SW Update Tool MiTM Advisory ID: CORE-2016-0003 Advisory URL: http://www.coresecurity.com/advisories/samsung-sw-update-tool-mitm Date published: 2016-03-07 Date of last update: 2016-03-04 Vendors contacted: Samsung Release mode: Coordinated release 2...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/02/24 12:0 a.m.4 views

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows Reader component of the Windows operating system is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created Reader file from a remote location...

9.3CVSS7.7AI score0.25942EPSS
Exploits0References2
CNVD
CNVD
added 2015/12/02 12:0 a.m.6 views

RSI Video Technologies Frontel Data Authenticity Validation Vulnerability

RSI Video Technologies Frontel is a suite of receiver software for monitoring Videofied wireless video alarm systems from the French company RSI Video Technologies. A security vulnerability exists in RSI Video Technologies Frontel, which arises from the program's failure to protect the integrity ...

5.9CVSS6.8AI score0.00403EPSS
Exploits1References1
CERT
CERT
added 2015/06/16 12:0 a.m.37 views

Samsung Galaxy S phones fail to properly validate SwiftKey language pack updates

Overview Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, fail to properly validate Swiftkey language pack updates. Description CWE-345: Insufficient Verification of Data Authenticity - CVE-2015-4640Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, are pre-installed...

2.9CVSS6.3AI score0.00945EPSS
Exploits1References7
CNVD
CNVD
added 2015/05/19 12:0 a.m.3 views

Hospira LifeCare PCA Infusion System Security Restriction Bypass Vulnerability

The Hospira LifeCare PCA Infusion System is an IV infusion pump that delivers medications to patients. Hospira LifeCare PCA Infusion System 5.0 and earlier versions are vulnerable to a data authenticity validation vulnerability in their implementation by uploading software updates, configuration...

9.3CVSS6.8AI score0.01242EPSS
Exploits0References1
ICS
ICS
added 2015/02/05 7:0 a.m.28 views

Hospira LifeCare PCA Infusion System Vulnerabilities

OVERVIEW Independent researcher Billy Rios has identified an improper authorization vulnerability and an insufficient verification of data authenticity vulnerability in Hospira’s LifeCare PCA Infusion System, which NCCIC/ICS-CERT has been coordinating with Hospira since May 2014. This advisory is...

10CVSS7.9AI score0.05162EPSS
Exploits0References10
Packet Storm
Packet Storm
added 2013/12/16 12:0 a.m.85 views

Bitrix Site Manager 12.5.13 Insufficient Verification

Advisory ID: HTB23183 Product: Bitrix Site Manager Vendor: Bitrix, Inc Vulnerable Versions: 12.5.13 and probably prior Tested Version: 12.5.13 Advisory Publication: November 6, 2013 without technical details Vendor Notification: November 6, 2013 Vendor Patch: November 12, 2013 Public Disclosure:...

7.5CVSS0.5AI score0.01628EPSS
Exploits2
securityvulns
securityvulns
added 2008/07/26 12:0 a.m.65 views

SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability

====================================================================== = Security Objectives Advisory SECOBJADV-2008-02 = ====================================================================== Cygwin Installation and Update Process can be Subverted Vulnerability...

7.6CVSS6.6AI score0.95182EPSS
Exploits22
Prion
Prion
added 2008/07/07 6:41 p.m.13 views

Design/Logic Flaw

Unspecified vulnerability in the Industry Database aka Branchendatenbank proindustrydb extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."...

7.5CVSS7AI score0.01422EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2008/07/07 6:41 p.m.13 views

CVE-2008-3045

Unspecified vulnerability in the Industry Database aka Branchendatenbank proindustrydb extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."...

7.5CVSS6.5AI score0.01422EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/07/07 6:20 p.m.21 views

CVE-2008-3045

Unspecified vulnerability in the Industry Database aka Branchendatenbank proindustrydb extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."...

6.5AI score0.01422EPSS
Exploits0References3
Rows per page
Query Builder