Hono 数据伪造问题漏洞

Hono is a web framework written in TypeScript from the Hono community. A data forgery issue vulnerability exists in Hono versions prior to 4.11.4 that stems from the JWT validation middleware allowing JWT header algorithmic values to influence signature validation, potentially leading to...

OneLogin ruby-saml 数据伪造问题漏洞

Onelogin OneLogin ruby-saml is a Ruby-based SAML Security Assertion Markup Language library for Single Sign-On SSO services from Onelogin, USA. A data forgery issue vulnerability exists in OneLogin ruby-saml version 1.12.4 and earlier, which stems from XML parsing differences and could lead to...

Fortinet FortiClient MacOS installer data forgery issue vulnerability

Fortinet FortiClient MacOS installer is a client installer from Fortinet. The Fortinet FortiClient MacOS installer suffers from a data forgery issue vulnerability that stems from improper cryptographic signature validation, which can be exploited by an attacker to cause elevation of privilege for...

Microsoft Playwright 数据伪造问题漏洞

Microsoft Playwright is an automation framework from Microsoft Corporation USA. Microsoft Playwright suffers from a Data Forgery Issue vulnerability, which can be exploited by an attacker to perform spoofing attacks...

Rapid7 AppSpider Pro 数据伪造问题漏洞

Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A data forgery issue vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.021, which stems from insufficient project nam...

Pioneer DMH-WT7600NEX 数据伪造问题漏洞

The Pioneer DMH-WT7600NEX is a multimedia digital media receiver from Pioneer. The Pioneer DMH-WT7600NEX suffers from a Data Forgery Issue vulnerability that stems from insufficient validation of software updates and could lead to the execution of arbitrary code...

Cisco Secure Client has a data forgery issue vulnerability

Cisco Secure Client is a software for connecting to virtual private networks from the American company Cisco Cisco. Cisco Secure Client has a data forgery issue vulnerability that stems from insufficient runtime resource validation, which can be exploited by an attacker to cause a DLL hijacking...

AMD UltraScale Data Forgery Issue Vulnerability

AMD UltraScale is a family of chips from the American company UltraMicroelectronics AMD. AMD UltraScale suffers from a security vulnerability that stems from insufficient data authenticity validation...

Honor NTH-AN00 Data Forgery Issue Vulnerability

The Honor NTH-AN00 Honor 50 is a smartphone from the Chinese company Honor. The Honor NTH-AN00 suffers from a security vulnerability that stems from a signature management vulnerability, successful exploitation of which could result in a forged system file overwriting a correct system file...

Honor NTH-AN00 Data Forgery Issue Vulnerability

The Honor NTH-AN00 Honor 50 is a smartphone from the Chinese company Honor. The Honor NTH-AN00 suffers from a security vulnerability that stems from a signature management vulnerability, successful exploitation of which could result in a forged system file overwriting a correct system file...

Google Chrome Data Forgery Problem Vulnerability (CNVD-2023-65156)

Google Chrome is a web browser from Google, an American company. A data forgery issue vulnerability exists in Google Chrome prior to version 116.0.5845.96, which stems from insufficient data validation of Systems Extensions, and can be exploited by a remote attacker to bypass file restrictions vi...

UNISOC Chipsets 数据伪造问题漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in the UNISOC Chipsets modem module, which stems from a lack of validation of the HashMME value in the Safe Mode command...

PAX Technology A930 数据伪造问题漏洞

The PAX Technology A930 is an Android mobile payment terminal from China-based PAX Technology. The PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version suffers from a Data Forgery Issue vulnerability that originates from allowing a root-privileged attacker to install an unsigned...

Syltek application 数据伪造问题漏洞

Syltek application is an application. A security vulnerability previously existed in the Syltek application version 10.22.00 that allowed an attacker to spoof a request and bypass the payment system by marking the item as paid without any authentication...

Stark Bank Data Forgery Issue Vulnerability

Stark Bank is a banking API for individual developers in Brazil.Perform all banking operations through an API that simplifies and automates payments, facilitates reconciliations, and scales operations. Stark Bank Ecdsa-node suffers from a Data Forgery Issue vulnerability that stems from the...

Zoho Corporation ADManager Plus 数据伪造问题漏洞

ZOHO ManageEngine ADManager Plus is an Active Directory AD management and reporting solution from Zoho, Inc. ZOHO ManageEngine ADManager Plus 7110 and earlier versions are vulnerable to an authorization issue that could be exploited by an attacker to take over an account via SSO...

Xen Data Forgery Issue Vulnerability

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in the Xen...

Decentralized Anonymous Payment System Data Forgery Issue Vulnerability

Decentralized Anonymous Payment System DAPS is a decentralized anonymous payment system. A Data Forgery Issue vulnerability exists in DAPS 2019-08-26 and prior versions, which stems from the program's use of a weak signature mechanism that can be exploited by an attacker to reuse signatures...