73 matches found
Improper Source Verification
cups-filter is vulnerable to Improper Source Verification. cups-browsed binds to INADDR_ANY:631, causing it to trust any packet from any source, and it can be made to send a Get-Printer-Attributes IPP request to an attacker-controlled URL. Due to the service binding to INADDR_ANY:631, multiple bugs in...
CVE-2024-38886
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel...
PT-2022-28135 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to improper verification of the source of a communication channel in the GitHub repository usememos/memos. Recommendations: For versions prior to 0.9.1, update to versio...
Input validation
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1...
PT-2022-28101 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue concerns an improper verification of the source of a communication channel. This affects the usememos/memos GitHub repository. There is no information provided about the estimated...
CVE-2022-27491
Fortinet FortiOS IPS engine flaws allow a remote, unauthenticated attacker to trigger sending of a crafted HTML “blocked page” to a victim via TCP, potentially flooding the target. Affected FortiOS IPS engine versions span 7.201–7.214, 7.001–7.113, 6.001–6.121, 5.001–5.258 and pre-4.086. The issu...
Improper Verification of Source of a Communication Channel in Apache Tomcat
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass...
CVE-2021-32985 AVEVA System Platform Origin Validation Error
AVEVA System Platform versions 2017 through 2020 R2 P01 do not properly verify that the source of data or communication is valid...
UVI-2021-1001213 cgroup: verify that source is a string
cgroup: verify that source is a string. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.4 by commit a41573667b39152176f6b08d10b4deb171e541c...
Design/Logic Flaw
Primary Source Verification in VerityStream MSOW Solutions before 3.1.1 allows an anonymous internet user to discover Social Security Number (SSN) values via a brute-force attack on a sometimes hidden search field, because the last four SSN digits are part of the supported combination of search...
VerityStream MSOW Solutions Security Vulnerability
VerityStream MSOW Solutions is a medical system application from VerityStream, Inc. An information disclosure vulnerability exists in Primary Source Verification in VerityStream MSOW Solutions versions prior to 3.1.1, which can be exploited by an attacker to discover the Social Security Numbe...
DEBIAN-CVE-2011-1070
v86d before 0.1.10 does not verify whether received netlink messages were sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially have other consequences...
UBUNTU-CVE-2019-16237
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala...