Palo Alto Networks PAN-OS 数据伪造问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall devices. There is a vulnerability in Palo Alto Networks PAN-OS related to data manipulation, which stems from an authentication bypass mechanism. This vulnerability could allow unauthenticated...

TRENDnet TEW-821DAP 数据伪造问题漏洞

TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. The version TRENDnet TEW-821DAP 1.12B01 has a vulnerability related to data falsification. This vulnerability stems from improper handling of the parameter dest in the findHWid/newGuiUpdateFirmware function within the...

Ever Gauzy Platform 数据伪造问题漏洞

Ever Gauzy Platform is an open source business management platform from Ever. A Data Forgery Issue vulnerability exists in Ever Gauzy Platform version v0.281.9, which stems from an improper implementation of JWT authentication that could lead to unauthorized access...

ALTCHA 数据伪造问题漏洞

ALTCHA is a self-hosted CAPTCHA software from ALTCHA Open Source. ALTCHA suffers from a Data Forgery Problem vulnerability that stems from HMAC signatures not explicitly bound to challenge parameters, which could lead to replay attacks...

Ivanti Endpoint Manager 数据伪造问题漏洞

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti USA. A data forgery issue vulnerability exists in versions prior to Ivanti Endpoint Manager 2024 SU4 SR1 that stems from improper cryptographic signature validation and could lead to remote code execution...

Adobe Acrobat Reader 数据伪造问题漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. Adobe Acrobat Reader versions 24.001.30264 and 20.005.30793 and 25.001.20982 and 24.001.30273 and 20.005.30803 and prior versions have a data forgery issue...

Always Encrypted Kubernetes 数据伪造问题漏洞

Always Encrypted Kubernetes is a container encryption software open source by Edgeless Systems. A data forgery issue vulnerability exists in versions prior to Always Encrypted Kubernetes 2.24.0 that stems from insecure handling of the empty key slot algorithm, which could lead to unencrypted...

Tenda G1 数据伪造问题漏洞

Tenda G1 is an Enterprise Ap Management Router from Tenda China. A data forgery issue vulnerability exists in Tenda G1 version 16.01.7.83660, which stems from insufficient data authenticity validation of the function checkuploadfile in the firmware update processing component...

Mozilla多款产品 数据伪造问题漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source Web browser. Mozilla Thunderbird is a separate set of Mozilla Application Suite Email client software. The software supports IMAP and POP mail protocols as well as the...

Official Clerk JavaScript SDKs 数据伪造问题漏洞

Official Clerk JavaScript SDKs is a Clerk open source official Javascript repository for Clerk authentication. A data forgery vulnerability exists in the Official Clerk JavaScript SDKs, which stems from insufficient verifyWebhook validation and may result in the acceptance of unsigned webhook...

BlueRiSC WindowsSCOPE Cyber Forensics 数据伪造问题漏洞

BlueRiSC WindowsSCOPE Cyber Forensics is a GUI-based memory forensic capture and analysis toolkit from BlueRiSC. BlueRiSC WindowsSCOPE Cyber Forensics suffers from a Data Forgery Issue vulnerability that stems from a lack of constraints in the rv32im circuit, which could lead to a malicious prove...

Microsoft Windows 数据伪造问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A data forgery vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to bypass certain functionality. The following products and versions are...

Siemens SiPass integrated AC5102和Siemens SiPass integrated ACC-AP 数据伪造问题漏洞

The Siemens SiPass integrated AC5102 and Siemens SiPass integrated ACC-AP are both products of Siemens AG, Germany.The Siemens SiPass integrated AC5102 is an advanced centralized controller.The Siemens SiPass integrated ACC-AP is an access control controller. The Siemens SiPass integrated ACC-AP ...

Microsoft Windows Virtualization-Based Security Enclave 数据伪造问题漏洞

Microsoft Windows Virtualization-Based Security Enclave Microsoft Windows VBS Enclave is a software-based trusted execution environment in the host application address space from Microsoft Corporation USA. Microsoft Windows Virtualization-Based Security Enclave Microsoft Windows VBS Enclave is...

Cisco IOS XR Data Forgery Issue Vulnerability

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from a data forgery vulnerability that stems from insufficient module validation during software loading, which could be exploited by an attacker to launch...

Microsoft .NET 数据伪造问题漏洞

Microsoft .NET is a software framework from Microsoft Corporation USA dedicated to agile software development, rapid application development, platform-independence, and web transparency. A data forgery vulnerability exists in Microsoft . An attacker exploiting this vulnerability could remotely...

AWS Cloud Development Kit 数据伪造问题漏洞

AWS Cloud Development Kit is an open source software development framework open sourced by Amazon Web Services for defining cloud infrastructure in code and configuring it via AWS CloudFormation. A data forgery vulnerability exists in AWS Cloud Development Kit, which stems from the fact that it...

Red Hat Ceph Storage 数据伪造问题漏洞

Red Hat Ceph Storage is a suite of scalable, open software-defined storage platforms from Red Hat USA. A data forgery issue vulnerability exists in Red Hat Ceph Storage that stems from the presence of an authentication bypass...

ABB多款产品 数据伪造问题漏洞

ABB Relion Protection Relays and others are products of ABB Switzerland.ABB Relion Protection Relays are a compact, multifunctional solution for utility and industrial power distribution systems.ABB REX610 is a flexibly configurable all-in-one protection relay.ABB REX615 is ABB REX615 is a flexib...

Microsoft Teams 数据伪造问题漏洞

Microsoft Teams is a software for online meetings, chat, and cloud storage capabilities from Microsoft USA. A data forgery issue vulnerability exists in Microsoft Teams version 24046.2813.2770.1094, which stems from a specially crafted library in the macOS version that can be exploited to gain...