741 matches found
CVE-2026-7606
A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function findhwid/newguiupdatefirmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launch...
EUVD-2026-26760
A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function findhwid/newguiupdatefirmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launch...
CVE-2026-7606
TRENDnet TEW-821DAP firmware, version 1.12B01, contains a weakness in the Firmware Update Handler (functions find_hwid/new_gui_update_firmware). Crafting the dest argument enables insufficient verification of data authenticity. The vulnerability is remotely exploitable; exploitation is described ...
TRENDnet TEW-821DAP 数据伪造问题漏洞
TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. The version TRENDnet TEW-821DAP 1.12B01 has a vulnerability related to data falsification. This vulnerability stems from improper handling of the parameter dest in the findHWid/newGuiUpdateFirmware function within the...
PT-2026-36603
Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description An issue exists in the Firmware Update Handler component within the cameo dev.sh file. Specifically, the platform do upgrade cameo dev function fails to sufficiently verify data...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses onnx-1.20.1-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-28500.
Summary IBM Maximo Application Suite - Monitor Component uses onnx-1.20.1-cp311-cp311-manylinux227x8664.manylinux228x8664.whl which is vulnerable to CVE-2026-28500. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-28500 DESCRIPTION: Open Neural...
EUVD-2026-26404
Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. However,...
Hex 安全漏洞
Hex is a package management tool for the Erlang ecosystem developed by Hex Open Source. Versions of Hex from 0.16.0 to 2.4.2 contained security vulnerabilities. These vulnerabilities were due to insufficient verification of data authenticity, which could lead to bypassing dependency integrity...
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to the lack of validation for the nonce parameter in the authentication process. An attacker can gain unauthorized access by replaying a previously obtained valid ID token, allowing...
CVE-2026-21023
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...
CVE-2026-21023
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...
CVE-2026-21023
The vulnerability CVE-2026-21023 affects PackageManagerService prior to SMR Mar-2026 Release 1, enabling local attackers to modify installation restrictions on specific apps. Root cause: insufficient verification of data authenticity in PackageManagerService. Impact per the sources: trivial local...
CVE-2026-21023
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...
EUVD-2026-26192
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...
CVE-2026-21023
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...
PT-2026-35867
Name of the Vulnerable Software and Affected Versions PackageManagerService versions prior to SMR Mar-2026 Release 1 Description Insufficient verification of data authenticity in the PackageManagerService allows local attackers to modify the installation restriction of specific applications...
Insufficient Verification of Data Authenticity
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the cron process. An attacker can cause untrusted events to be labeled as trusted system events by triggering isolated cron agent runs...
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...