Lucene search
+L

752 matches found

Snyk
Snyk
added 2026/03/05 9:13 p.m.4 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the handling of LFS object uploads. An attacker can overwrite existing LFS objects across different repositories by uploading objects with the same identifier, potentially leading to...

9.3CVSS5.8AI score0.00327EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/05 9:13 p.m.5 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the handling of LFS object uploads. An attacker can overwrite existing LFS objects across different repositories by uploading objects with the same identifier, potentially leading to...

9.3CVSS5.8AI score0.00327EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/05 9:13 p.m.6 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the handling of LFS object uploads. An attacker can overwrite existing LFS objects across different repositories by uploading objects with the same identifier, potentially leading to...

9.3CVSS5.8AI score0.00327EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/05 9:13 p.m.7 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the handling of LFS object uploads. An attacker can overwrite existing LFS objects across different repositories by uploading objects with the same identifier, potentially leading to...

9.3CVSS5.8AI score0.00327EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/05 9:13 p.m.4 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the handling of LFS object uploads. An attacker can overwrite existing LFS objects across different repositories by uploading objects with the same identifier, potentially leading to...

9.3CVSS5.8AI score0.00327EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/05 9:13 p.m.4 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the handling of LFS object uploads. An attacker can overwrite existing LFS objects across different repositories by uploading objects with the same identifier, potentially leading to...

9.3CVSS5.8AI score0.00327EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/05 6:31 p.m.8 views

EUVD-2026-9838

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...

8.2CVSS5.9AI score0.00288EPSS
Exploits1References2
NVD
NVD
added 2026/03/05 4:16 p.m.17 views

CVE-2026-30798

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...

8.2CVSS0.00288EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/05 3:38 p.m.5 views

CVE-2026-30798

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...

8.2CVSS5.8AI score0.00288EPSS
Exploits1References4
CVE
CVE
added 2026/03/05 3:38 p.m.33 views

CVE-2026-30798

CVE-2026-30798 affects RustDesk Client (rustdesk-client) on Windows, macOS, Linux, iOS, and Android up to version 1.4.5. The issue arises from insufficient verification of data authenticity and improper handling of exceptional conditions in the Heartbeat sync loop and strategy processing modules,...

8.2CVSS5.8AI score0.00288EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/05 3:38 p.m.6 views

CVE-2026-30798 RustDesk Client Accepts Unauthenticated stop-service Command via Strategy Payload

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...

8.2CVSS5.9AI score0.00288EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.13 views

PT-2026-23463

Name of the Vulnerable Software and Affected Versions RustDesk Client versions through 1.4.5 Description A flaw exists in RustDesk Client related to insufficient verification of data authenticity and improper handling of exceptional conditions, specifically allowing protocol manipulation. The iss...

8.2CVSS5.9AI score0.00288EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.26 views

RustDesk 安全漏洞

RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. Versions of RustDesk 1.4.5 and earlier contain security vulnerabilities. These vulnerabilities stem from...

8.2CVSS5.8AI score0.00288EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/03/03 12:5 p.m.190 views

Exploit for OS Command Injection in Anysphere Cursor

CVE PoC: MCP Server Config Swap in Claude Code Vulnerabilit...

8.8CVSS6.5AI score0.07598EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.6 views

SonicWALL TZ Insufficient Verification of Data Authenticity (CVE-2022-47522)

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

7.5CVSS5.5AI score0.00897EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/02/23 1:31 p.m.7 views

CVE-2026-2385

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.4.7. This is due to the plugin decrypting and trusting...

5.3CVSS5.3AI score0.00148EPSS
Exploits0References1
NVD
NVD
added 2026/02/22 9:16 a.m.10 views

CVE-2026-2385

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.4.7. This is due to the plugin decrypting and trusting...

5.3CVSS0.00148EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/22 8:24 a.m.6 views

CVE-2026-2385

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.4.7. This is due to the plugin decrypting and trusting...

5.3CVSS5.5AI score0.00148EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/22 8:24 a.m.27 views

CVE-2026-2385 The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.4.7 - Unauthenticated Email Relay

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.4.7. This is due to the plugin decrypting and trusting...

5.3CVSS0.00148EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/10 9:27 p.m.5 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in public key functions publickeyfromnumbers, EllipticCurvePublicNumbers.publickey, loadderpublickey, and loadpempublickey, which may reveal bits from a private key when provided with a...

8.2CVSS5.6AI score0.00341EPSS
Exploits0References2
Rows per page
Query Builder