Vulnerabilities > Improper Validation of Integrity Check Value

DATE CVE VULNERABILITY TITLE RISK
2017-10-29 CVE-2017-15994 Improper Validation of Integrity Check Value vulnerability in Samba Rsync
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions.
network
low complexity
samba CWE-354
critical
9.8
2017-08-20 CVE-2017-12973 Improper Validation of Integrity Check Value vulnerability in Connect2Id Nimbus Jose+Jwt
Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an invalid HMAC in authenticated AES-CBC decryption, which allows attackers to conduct a padding oracle attack.
network
high complexity
connect2id CWE-354
3.1
2017-07-31 CVE-2017-9498 Improper Validation of Integrity Check Value vulnerability in multiple products
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access.
local
low complexity
motorola comcast CWE-354
5.5
2017-06-13 CVE-2017-4961 Improper Validation of Integrity Check Value vulnerability in Cloud Foundry Bosh
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions.
network
low complexity
cloud-foundry CWE-354
8.8