743 matches found
Adobe Acrobat Pro DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Adobe Acrobat Reader 2017 Security Updates (APSB17-24) - Windows
Adobe Acrobat Reader 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Acrobat 2017 Security Updates (APSB17-24) - Mac OS X
Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...
Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-24) - Mac OS X
Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-24) - Windows
Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB17-24) - Mac OS X
Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB17-24) - Windows
Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Trend Micro Email Encryption Gateway Multiple Vulnerabilities
1. Advisory Information Title: Trend Micro Email Encryption Gateway Multiple Vulnerabilities Advisory ID: CORE-2017-0006 Advisory URL:http://www.coresecurity.com/core-labs/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities Date published: 2018-02-21 Date of last update:...
Adobe Reader DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Samsung SW Update Tool 2.2.5.16 Man-In-The-Middle
Advisory Information Title: Samsung SW Update Tool MiTM Advisory ID: CORE-2016-0003 Advisory URL: http://www.coresecurity.com/advisories/samsung-sw-update-tool-mitm Date published: 2016-03-07 Date of last update: 2016-03-04 Vendors contacted: Samsung Release mode: Coordinated release 2...
Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of the Windows Reader component of the Windows operating system is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created Reader file from a remote location...
RSI Video Technologies Frontel Data Authenticity Validation Vulnerability
RSI Video Technologies Frontel is a suite of receiver software for monitoring Videofied wireless video alarm systems from the French company RSI Video Technologies. A security vulnerability exists in RSI Video Technologies Frontel, which arises from the program's failure to protect the integrity ...
Samsung Galaxy S phones fail to properly validate SwiftKey language pack updates
Overview Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, fail to properly validate Swiftkey language pack updates. Description CWE-345: Insufficient Verification of Data Authenticity - CVE-2015-4640Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, are pre-installed...
Hospira LifeCare PCA Infusion System Security Restriction Bypass Vulnerability
The Hospira LifeCare PCA Infusion System is an IV infusion pump that delivers medications to patients. Hospira LifeCare PCA Infusion System 5.0 and earlier versions are vulnerable to a data authenticity validation vulnerability in their implementation by uploading software updates, configuration...
Hospira LifeCare PCA Infusion System Vulnerabilities
OVERVIEW Independent researcher Billy Rios has identified an improper authorization vulnerability and an insufficient verification of data authenticity vulnerability in Hospira’s LifeCare PCA Infusion System, which NCCIC/ICS-CERT has been coordinating with Hospira since May 2014. This advisory is...
Bitrix Site Manager 12.5.13 Insufficient Verification
Advisory ID: HTB23183 Product: Bitrix Site Manager Vendor: Bitrix, Inc Vulnerable Versions: 12.5.13 and probably prior Tested Version: 12.5.13 Advisory Publication: November 6, 2013 without technical details Vendor Notification: November 6, 2013 Vendor Patch: November 12, 2013 Public Disclosure:...
SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability
====================================================================== = Security Objectives Advisory SECOBJADV-2008-02 = ====================================================================== Cygwin Installation and Update Process can be Subverted Vulnerability...
Design/Logic Flaw
Unspecified vulnerability in the Industry Database aka Branchendatenbank proindustrydb extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."...
CVE-2008-3045
Unspecified vulnerability in the Industry Database aka Branchendatenbank proindustrydb extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."...
CVE-2008-3045
Unspecified vulnerability in the Industry Database aka Branchendatenbank proindustrydb extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."...