Lucene search
K

484 matches found

CNNVD
CNNVD
added 2025/01/23 12:0 a.m.5 views

Xerox Workplace Suite 数据伪造问题漏洞

Xerox Workplace Suite is a powerful print management software from Xerox. A data forgery issue vulnerability exists in Xerox Workplace Suite version 5.6.701.9, which stems from the inclusion of an email spoofing issue...

5.3CVSS6.7AI score0.00179EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

GitHub Enterprise Server 数据伪造问题漏洞

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...

8.8CVSS8.9AI score0.01552EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.10 views

Stats 数据伪造问题漏洞

Stats is a menu-bar macOS system monitor by Serhiy Mytrovtsiy Individual Developer. Stats suffers from a Data Forgery Issue vulnerability that stems from the shouldAcceptNewConnection function unconditionally returning YES, allowing any XPC client to connect to the service without any form of...

8.7CVSS6.5AI score0.00261EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.7 views

AWS Cloud Development Kit 数据伪造问题漏洞

AWS Cloud Development Kit is an open source software development framework open sourced by Amazon Web Services for defining cloud infrastructure in code and configuring it via AWS CloudFormation. A data forgery vulnerability exists in AWS Cloud Development Kit, which stems from the fact that it...

8.1CVSS6.8AI score0.00312EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.5 views

Ivanti EPM 数据伪造问题漏洞

Ivanti EPM is a one-stop-shop for managing user profiles and all client devices from Ivanti, USA. Ivanti EPM is vulnerable to a data forgery issue vulnerability that stems from the inclusion of an improper signature verification issue. Allowing a remote unauthenticated attacker to exploit the...

7.8CVSS9.4AI score0.00505EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.5 views

cjwt 数据伪造问题漏洞

cjwt is a small JWT handler open-sourced by Xmidt. A data forgery vulnerability exists in cjwt version v2.2.0, which stems from an algorithmic obfuscation issue, where the system mishandles the verification of signature types and fails to differentiate between signature tokens, allowing an attack...

9.1CVSS6.7AI score0.00384EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.5 views

quic-go 数据伪造问题漏洞

quic-go is an implementation of the QUIC protocol, RFC 9000 protocol in Go by Lucas Clemente, a personal developer. A data forgery issue vulnerability exists in versions of quic-go prior to v0.48.1, which stems from the mishandling of ICMP Packet Too Large messages, and could allow an out-of-path...

6.5CVSS5.7AI score0.00608EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.6 views

Red Hat Ceph Storage 数据伪造问题漏洞

Red Hat Ceph Storage is a suite of scalable, open software-defined storage platforms from Red Hat USA. A data forgery issue vulnerability exists in Red Hat Ceph Storage that stems from the presence of an authentication bypass...

8.1CVSS8AI score0.00192EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/27 12:0 a.m.2 views

Galaxy Software Services iota C.ai Conversational Platform 数据伪造问题漏洞

Galaxy Software Services iota C.ai Conversational Platform is an intelligent AI conversational platform from Galaxy Software Services China. A data forgery vulnerability exists in Galaxy Software Services iota C.ai Conversational Platform versions 1.0.0 through 2.1.3, which stems from an improper...

9.3CVSS6.8AI score0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/24 12:0 a.m.6 views

ONEKEY Platform 数据伪造问题漏洞

ONEKEY Platform is an application of ONEKEY. A data forgery issue vulnerability exists in ONEKEY Platform, which stems from peer-to-peer authentication being disabled everywhere, allowing a remote unauthenticated user to execute arbitrary commands with elevated privileges on an affected device...

9.8CVSS7.8AI score0.00417EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.36 views

Visteon Infotainment 数据伪造问题漏洞

Visteon Infotainment is an automotive infotainment system from Visteon Corporation. Visteon Infotainment suffers from a data forgery vulnerability that arises from insufficient authenticity verification of the firmware image provided during firmware updates to the VIP microcontroller, which could...

8.8CVSS8.8AI score0.0017EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/15 12:0 a.m.6 views

Fortinet FortiClient Data Forgery Issue Vulnerability (CNVD-2024-49647)

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. The Fortinet FortiClient is vulnerable to a data forgery...

7.5CVSS6.7AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.3 views

Fortinet FortiClient 数据伪造问题漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. The Fortinet FortiClient is vulnerable to a data forgery...

7.5CVSS6.8AI score0.00133EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/31 12:0 a.m.7 views

Laravel Reverb 数据伪造问题漏洞

Laravel Reverb is an open source library for The Laravel Framework. It brings real-time WebSocket communication to Laravel applications. A data forgery issue vulnerability exists in Laravel Reverb versions prior to 1.4.0, which stems from a failure to validate the authentication signature of...

6.3CVSS6.7AI score0.00332EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.6 views

ABB多款产品 数据伪造问题漏洞

ABB Relion Protection Relays and others are products of ABB Switzerland.ABB Relion Protection Relays are a compact, multifunctional solution for utility and industrial power distribution systems.ABB REX610 is a flexibly configurable all-in-one protection relay.ABB REX615 is ABB REX615 is a flexib...

5.9CVSS6.8AI score0.00144EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/11 12:0 a.m.5 views

Schneider Electric Data Center Expert 数据伪造问题漏洞

Schneider Electric Data Center Expert is a data monitoring software from Schneider Electric USA. A data forgery issue vulnerability exists in Schneider Electric Data Center Expert version 8.1.1.3 and prior versions, which stems from improper cryptographic signature validation, and could compromis...

7.2CVSS6.5AI score0.00446EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/10 12:0 a.m.6 views

Gradio 数据伪造问题漏洞

Gradio, an open source Python library open sourced by Hugging Face, is a method for demonstrating machine learning models through a friendly web interface. Gradio suffers from a Data Forgery Problem vulnerability that stems from the fact that if an attacker gains access to the remote URL where th...

7.5CVSS6.5AI score0.00208EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/09 12:0 a.m.5 views

SSOReady 数据伪造问题漏洞

SSOReady is an open source development tool for enterprise SSO from SSOReady Open Source. A data forgery vulnerability exists in SSOReady, which stems from the vulnerability of the affected version to XML signature bypass attacks...

9.8CVSS8AI score0.00387EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/07 12:0 a.m.5 views

Meshtastic device firmware 数据伪造问题漏洞

Meshtastic device firmware is a Meshtastic open source firmware for Meshtastic devices running open source, off-grid, decentralized mesh networks. A data forgery vulnerability exists in Meshtastic versions prior to 2.5.1, which stems from the remote hardware module not checking if a received remo...

6.4CVSS6.6AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/26 12:0 a.m.3 views

goTenna Pro 数据伪造问题漏洞

The goTenna Pro is a series of devices from goTenna that can create networks for off-grid communications and situational awareness. A data forgery vulnerability exists in the goTenna Pro that arises from the use of AES CTR mode for short encrypted messages without any additional integrity checkin...

6CVSS6.8AI score0.00085EPSS
Exploits0References2
Rows per page
Query Builder