Lucene search
K

741 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/02 6:45 a.m.12 views

CVE-2026-7606

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function findhwid/newguiupdatefirmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launch...

6.3CVSS5.4AI score0.00234EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/05/02 6:45 a.m.8 views

EUVD-2026-26760

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function findhwid/newguiupdatefirmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launch...

6.3CVSS5.4AI score0.00234EPSS
Exploits1References4
CVE
CVE
added 2026/05/02 6:45 a.m.13 views

CVE-2026-7606

TRENDnet TEW-821DAP firmware, version 1.12B01, contains a weakness in the Firmware Update Handler (functions find_hwid/new_gui_update_firmware). Crafting the dest argument enables insufficient verification of data authenticity. The vulnerability is remotely exploitable; exploitation is described ...

8.1CVSS5.4AI score0.00234EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/05/02 12:0 a.m.9 views

TRENDnet TEW-821DAP 数据伪造问题漏洞

TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. The version TRENDnet TEW-821DAP 1.12B01 has a vulnerability related to data falsification. This vulnerability stems from improper handling of the parameter dest in the findHWid/newGuiUpdateFirmware function within the...

8.1CVSS5.8AI score0.00234EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.18 views

PT-2026-36603

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description An issue exists in the Firmware Update Handler component within the cameo dev.sh file. Specifically, the platform do upgrade cameo dev function fails to sufficiently verify data...

6.3CVSS5.6AI score0.00234EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/01 12:1 p.m.6 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses onnx-1.20.1-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-28500.

Summary IBM Maximo Application Suite - Monitor Component uses onnx-1.20.1-cp311-cp311-manylinux227x8664.manylinux228x8664.whl which is vulnerable to CVE-2026-28500. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-28500 DESCRIPTION: Open Neural...

9.1CVSS5.7AI score0.00318EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/04/30 6:17 p.m.8 views

EUVD-2026-26404

Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. However,...

8.9CVSS5.4AI score0.00191EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

Hex 安全漏洞

Hex is a package management tool for the Erlang ecosystem developed by Hex Open Source. Versions of Hex from 0.16.0 to 2.4.2 contained security vulnerabilities. These vulnerabilities were due to insufficient verification of data authenticity, which could lead to bypassing dependency integrity...

8.9CVSS5.8AI score0.00191EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/29 8:51 p.m.5 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to the lack of validation for the nonce parameter in the authentication process. An attacker can gain unauthorized access by replaying a previously obtained valid ID token, allowing...

7.1CVSS5.8AI score0.00152EPSS
Exploits0References2
NVD
NVD
added 2026/04/29 5:16 a.m.10 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/29 4:46 a.m.4 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS5.2AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/04/29 4:46 a.m.31 views

CVE-2026-21023

The vulnerability CVE-2026-21023 affects PackageManagerService prior to SMR Mar-2026 Release 1, enabling local attackers to modify installation restrictions on specific apps. Root cause: insufficient verification of data authenticity in PackageManagerService. Impact per the sources: trivial local...

6.9CVSS5.2AI score0.00104EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/29 4:46 a.m.6 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS5.2AI score0.00104EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/29 4:46 a.m.10 views

EUVD-2026-26192

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS5.2AI score0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/29 4:46 a.m.31 views

CVE-2026-21023

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...

6.9CVSS0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.10 views

PT-2026-35867

Name of the Vulnerable Software and Affected Versions PackageManagerService versions prior to SMR Mar-2026 Release 1 Description Insufficient verification of data authenticity in the PackageManagerService allows local attackers to modify the installation restriction of specific applications...

6.9CVSS5.8AI score0.00104EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/25 11:47 p.m.7 views

Insufficient Verification of Data Authenticity

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the cron process. An attacker can cause untrusted events to be labeled as trusted system events by triggering isolated cron agent runs...

6.3CVSS5.4AI score0.00151EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/24 4:31 p.m.3 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...

10CVSS5.5AI score0.00267EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/24 4:31 p.m.8 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...

10CVSS5.5AI score0.00267EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/24 4:31 p.m.4 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...

10CVSS5.5AI score0.00267EPSS
Exploits1References2
Rows per page
Query Builder