Lucene search

119 matches found

Cvelist
added 2024/06/27 9:27 a.m., 18 views

CVE-2024-0947 Cookies Manipulation in Talya Informatics' Elektraweb

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue affects Elektraweb:...

CVSS 9.8, EPSS 0.00477
Exploits: 0, References: 2

Vulnrichment
added 2024/06/27 9:27 a.m., 24 views

CVE-2024-0947 Cookies Manipulation in Talya Informatics' Elektraweb

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue affects Elektraweb:...

CVSS 9.8, AI score 5.8, EPSS 0.00477
Exploits: 0, References: 2

NVD
added 2024/06/17 8:15 a.m., 12 views

CVE-2024-36279

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages DMs between users may be manipulated by a...

CVSS 5.3, EPSS 0.00144
Exploits: 0, References: 4

Cvelist
added 2024/06/17 7:34 a.m., 21 views

CVE-2024-36279

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages DMs between users may be manipulated by a...

EPSS 0.00144
Exploits: 0, References: 4

Vulnrichment
added 2024/06/17 7:34 a.m., 17 views

CVE-2024-36279

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages DMs between users may be manipulated by a...

AI score 6.7, EPSS 0.00144
Exploits: 0, References: 4

CVE
added 2024/06/17 7:34 a.m., 44 views

CVE-2024-36279

CVE-2024-36279 concerns “FreeFrom - the nostr client” (Android/iOS) versions prior to 1.3.5. The issue is reliance on obfuscation or encryption of security‑relevant inputs without proper integrity checking, enabling a man‑in‑the‑middle to manipulate the content of Direct Messages (DMs). The vulne...

CVSS 5.3, AI score 6.7, EPSS 0.00144
Exploits: 0, References: 4

CNNVD
added 2024/06/07 12:0 a.m., 4 views

Dell BIOS Security Vulnerability

Dell BIOS is embedded software on a small memory chip on the motherboard of a computer from Dell USA. A security vulnerability exists in Dell BIOS, which stems from a lack of integrity checking support, and could be exploited by an attacker with physical access to the system to bypass security...

CVSS 7.6, AI score 7.3, EPSS 0.00168
Exploits: 0, References: 2

Japan Vulnerability Notes
added 2024/06/07 12:0 a.m., 17 views

JVN#55045256: Multiple vulnerabilities in "FreeFrom - the nostr client" App

"FreeFrom - the nostr client" App provided by FreeFrom K.K. contains multiple vulnerabilities listed below. Improper verification of cryptographic signature CWE-347 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3 CVE-2024-36277 Reliance on obfuscation or encryption of security-relevan...

CVSS 5.3, AI score 5.2, EPSS 0.00257
Exploits: 0

Cvelist
added 2024/04/18 10:8 p.m., 24 views

CVE-2024-22186 Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking

The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator...

CVSS 8.8, AI score 9.2, EPSS 0.00549
Exploits: 1, References: 1

CNNVD
added 2024/01/23 12:0 a.m., 4 views

Shelly TRV Security Vulnerability

Shelly TRV is a Wi-Fi connected radiator thermostat from Shelly. A security vulnerability exists in Shelly TRV version 20220811-152343 v2.1.8, which stems from a lack of integrity checking and allows a malicious user to create a backdoor via redirection...

CVSS 5.4, AI score 6.8, EPSS 0.00155
Exploits: 0, References: 2

Cvelist
added 2023/09/18 7:56 p.m., 11 views

CVE-2023-41084 Socomec MOD3GP-SY-120K Reliance on Cookies without Validation and Integrity Checking

Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device...

CVSS 10, AI score 9.6, EPSS 0.00579
Exploits: 0, References: 1

Vulnrichment
added 2023/07/13 7:3 p.m., 13 views

CVE-2023-30562 Lack of Dataset Integrity Checking

A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs...

CVSS 6.7, AI score 7.1, EPSS 0.00164
Exploits: 0, References: 1

UbuntuCve
added 2023/06/13 5:15 p.m., 123 views

CVE-2023-31439

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security...

CVSS 5.3, AI score 6.8, EPSS 0.00352
Exploits: 0, References: 4

NVD
added 2023/06/13 12:15 p.m., 14 views

CVE-2023-3050

Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass. This issue affects Lockcell: before 15...

CVSS 9.8, AI score 9.7, EPSS 0.01314
Exploits: 1, References: 3

Prion
added 2023/06/13 12:15 p.m., 12 views

Design/Logic Flaw

Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass. This issue affects Lockcell: before 15...

CVSS 7.5, AI score 9.5, EPSS 0.01314
Exploits: 1, References: 2, Affected Software: 1

CVE
added 2023/06/13 11:50 a.m., 38 views

CVE-2023-3050

Summary: CVE-2023-3050 affects TMT Lockcell prior to version 15, due to reliance on cookies without validation or integrity checking in security decisions, allowing privilege abuse and authentication bypass. Affected product: Lockcell (TMT Lockcell) prior to v15. Vulnerability details (from provi...

CVSS 9.8, AI score 7.3, EPSS 0.01314
Exploits: 1, References: 3, Affected Software: 1

CNNVD
added 2023/04/17 12:0 a.m., 3 views

Juniper Networks Junos OS Code Issue Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A code issue vulnerability exists in Juniper Networks Junos OS that stems from the fact that in a 6PE scenario, if...

CVSS 4.7, AI score 5.3, EPSS 0.00273
Exploits: 0, References: 2

F5 Networks
added 2023/02/21 7:40 p.m., 32 views

K8924: Linux kernel vulnerability CVE-2007-3843

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

CVSS 4.3, AI score 6.3, EPSS 0.02624
Exploits: 0

ATTACKERKB
added 2022/09/12 9:15 p.m., 2 views

CVE-2022-36174

FreshService Windows Agent 2.11.0, FreshService macOS Agent 4.2.0 and FreshService Linux Agent 3.3.0 are vulnerable to broken integrity checking via the FreshAgent client and scheduled update service...

CVSS 8.1, AI score 7.3, EPSS 0.00435
Exploits: 1, References: 3

Prion
added 2022/09/12 9:15 p.m., 13 views

Input validation

FreshService Windows Agent 2.11.0, FreshService macOS Agent 4.2.0 and FreshService Linux Agent 3.3.0 are vulnerable to broken integrity checking via the FreshAgent client and scheduled update service...

CVSS 5.1, AI score 7.7, EPSS 0.00435
Exploits: 1, References: 2, Affected Software: 1