CVE-2013-1051

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...

ROS-2-678

2.678 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32890

CVE-2025-32890 affects goTenna Mesh devices running app 5.5.3 and firmware 1.1.12. The root cause is a custom encryption implementation without additional integrity checks, making messages malleable and potentially accessible to an attacker who can access the message. The connected documents conf...

PT-2025-18690 · Gotenna · Gotenna Mesh

Name of the Vulnerable Software and Affected Versions: goTenna Mesh versions 5.5.3 and firmware 1.1.12 Description: The issue concerns a custom encryption implementation without additional integrity checking mechanisms, making messages susceptible to tampering by an attacker with access to the...

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

PT-2025-18669 · Gotenna · Gotenna

Name of the Vulnerable Software and Affected Versions: goTenna v1 with application 5.5.3 and firmware 0.25.5 Description: The issue concerns the use of a custom encryption implementation in the application without additional integrity checking mechanisms. This makes messages vulnerable to an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient integrity checking of inlinedots inode in f2fs...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient integrity checking of node block addresses in the truncatenode function in the f2fs module...

Resources Downloaded Over Insecure Protocol

gradio is vulnerable to Resources Downloaded over Insecure Protocol. The vulnerability is due to the lack of integrity checking on the downloaded FRP client. An attacker can introduce malicious code by modifying the binary without detection if they gain access to the remote URL from which the FRP...

CVE-2024-43108

CVE-2024-43108 affects the goTenna Pro ATAK Plugin. The vulnerability is due to AES-CTR encryption for short messages without any integrity checking, making messages malleable to an attacker who can access the message. Affected versions include 1.9.12 and earlier; mitigation guidance recommends u...

CVE-2024-47123

CVE-2024-47123 is tied to the goTenna Pro family where AES-CTR is used for short encrypted messages without an integrity check. The root cause is lack of message integrity protection, which makes ciphertext malleable and could compromise confidentiality/integrity of communications on affected dev...

CVE-2024-36505

An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system via another hypothetical exploit to bypass the file integrity...

CVE-2024-36505

An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system via another hypothetical exploit to bypass the file integrity...

CVE-2024-36505

FortiOS contains an improper access control vulnerability (CWE-284) that could allow an attacker who already has write access to bypass the real-time file integrity checking system. Affected versions: FortiOS 7.4.0–7.4.3, 7.2.5–7.2.7, 7.0.12–7.0.14, and all 6.4.x. Root cause: bypass of file integ...

CVE-2024-0947

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue affects Elektraweb:...