Lucene search
K

484 matches found

CNNVD
CNNVD
added 2025/04/08 12:0 a.m.3 views

Microsoft Windows Virtualization-Based Security Enclave 数据伪造问题漏洞

Microsoft Windows Virtualization-Based Security Enclave Microsoft Windows VBS Enclave is a software-based trusted execution environment in the host application address space from Microsoft Corporation USA. Microsoft Windows Virtualization-Based Security Enclave Microsoft Windows VBS Enclave is...

6CVSS8.2AI score0.00369EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.5 views

MinIO 数据伪造问题漏洞

MinIO is an open source object storage server from the US-based MinIO. The product supports building infrastructures for machine learning, analytics, and application data workloads. MinIO suffers from a data forgery issue vulnerability that stems from a potentially invalid authorization signature...

8.7CVSS7.4AI score0.02421EPSS
Exploits0References2
CNVD
CNVD
added 2025/03/24 12:0 a.m.10 views

Cisco IOS XR Data Forgery Issue Vulnerability

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from a data forgery vulnerability that stems from insufficient module validation during software loading, which could be exploited by an attacker to launch...

6.7CVSS6.8AI score0.00104EPSS
Exploits0References1
CNVD
CNVD
added 2025/03/13 12:0 a.m.4 views

Cisco Secure Client has a data forgery issue vulnerability

Cisco Secure Client is a software for connecting to virtual private networks from the American company Cisco Cisco. Cisco Secure Client has a data forgery issue vulnerability that stems from insufficient runtime resource validation, which can be exploited by an attacker to cause a DLL hijacking...

7.8CVSS6.9AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.4 views

SimpleSAMLphp SAML2 数据伪造问题漏洞

SimpleSAMLphp SAML2 is a SAML2 PHP library from SimpleSAMLphp open source. A data forgery issue vulnerability exists in SimpleSAMLphp SAML2 version 4.17.0 and prior to version 5.0.0-alpha.20, which stems from a signature obfuscation attack in the HTTPRedirect binding that could cause an applicati...

8.6CVSS6.5AI score0.00296EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.4 views

Samsung SmartThings 数据伪造问题漏洞

SAMSUNG SmartThings is an app for connectable smart devices from Samsung South Korea. A data forgery issue vulnerability exists in Samsung SmartThings that stems from not properly verifying cryptographic signatures, which could lead to authentication bypass...

8.8CVSS8.8AI score0.0073EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.8 views

Microsoft .NET 数据伪造问题漏洞

Microsoft .NET is a software framework from Microsoft Corporation USA dedicated to agile software development, rapid application development, platform-independence, and web transparency. A data forgery vulnerability exists in Microsoft . An attacker exploiting this vulnerability could remotely...

7.5CVSS8.2AI score0.00851EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/10 12:0 a.m.5 views

picklescan 数据伪造问题漏洞

picklescan is a security scanning program by the individual developer Matthieu Maitre. A data forgery issue vulnerability exists in versions of picklescan prior to 0.0.23, which stems from an inability to detect a malicious pickle file with a modified ZIP file header, which could lead to arbitrar...

9.8CVSS9.2AI score0.00512EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/10 12:0 a.m.3 views

GE Vernova UR IED 数据伪造问题漏洞

The GE Vernova UR IED is a series of protective relays from GE Vernova, USA. A data forgery issue vulnerability exists in the GE Vernova UR IED that stems from insufficient validation of data authenticity and could result in the installation of modified firmware...

6.1CVSS6.8AI score0.0017EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.7 views

Vasion Print 数据伪造问题漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that stems from insufficient signature verification...

9.8CVSS6.8AI score0.00386EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.4 views

Kingsoft WPS Office 数据伪造问题漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functionality. A security vulnerability exists in Kingsoft WPS Office 12.1.0.18276 and prior versions, which stems from improper verification of digital signatures and could lead to the loading o...

9.3CVSS6.8AI score0.00107EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.3 views

aes-gcm 数据伪造问题漏洞

aes-gcm is a cryptographic algorithm in the aes-gcm open source. A data forgery issue vulnerability exists in aes-gcm versions prior to 0.4.3, which stems from the fact that decryption exposes the decrypted ciphertext even if the label is incorrect...

5.6CVSS6.4AI score0.00117EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/25 12:0 a.m.5 views

JupyterHub 数据伪造问题漏洞

JupyterHub is a JupyterHub open source multi-user server for Jupyter. A Data Forgery Issue vulnerability exists in JupyterHub version 1.3.0 that stems from LTI13Authenticator not verifying JWT signatures, which could lead to forged requests being authorized...

10CVSS6.4AI score0.00328EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.4 views

libsignal-service-rs 数据伪造问题漏洞

libsignal-service-rs is a libsignal service open-sourced by Whisperfish for communicating with Signal servers. A data forgery issue vulnerability exists in libsignal-service-rs that stems from an unverified synchronization message source that allows device impersonation...

8.5CVSS6.7AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.6 views

Intel DSA 数据伪造问题漏洞

Intel DSA is a driver update tool from Intel Intel. It can detect user drivers, update the installed drivers to the latest version, support intel series of graphics cards, audio, network cards and chipset drivers, i-card users must. Intel DSA version prior to 23.4.39 has a data forgery issue...

7.8CVSS6.5AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.7 views

eProsima Fast DDS 数据伪造问题漏洞

eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A data forgery issue vulnerability exists in eProsima Fast DDS versions prior to 3.2.0, which stems from PermissionsCAs that are not validated for full chain validation an...

7.1CVSS6.5AI score0.0019EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/02/10 12:0 a.m.3 views

Hickory DNS 数据伪造问题漏洞

Hickory DNS is a Rust-based DNS client, server, and resolver from the Hickory DNS open source. A data forgery issue vulnerability exists in Hickory DNS version 0.8.0 and earlier, which stems from the DNSSEC validation mechanism incorrectly treating DNSKEY records across RRsets as trusted, and a...

7.1CVSS6.5AI score0.0026EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/07 12:0 a.m.5 views

Janto Ticketing 数据伪造问题漏洞

Janto Ticketing is a ticketing software from Janto. A data forgery issue vulnerability exists in versions of Janto Ticketing prior to r12, which stems from insufficient data authenticity validation and allows an unauthorized user to change a password to reset the content of an email...

8.6CVSS6.7AI score0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/05 12:0 a.m.6 views

F5 BIG-IP APM 数据伪造问题漏洞

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. F5 BIG-IP APM suffers from a data forgery issue vulnerability that stems from a vulnerability that could allow an attacker to bypass endpoint...

3.1CVSS5.5AI score0.00134EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.4 views

regclient 数据伪造问题漏洞

regclient is a tool in the regclient open source. A data forgery issue vulnerability exists in versions of regclient prior to 0.7.1, which stems from the fact that a malicious registry may return a different summary of a fixed list without being detected...

5.2CVSS5.4AI score0.00172EPSS
Exploits0References2
Rows per page
Query Builder