Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-03 | CVE-2023-32329 | Insufficient Verification of Data Authenticity vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. | 5.5 |
| 2024-01-12 | CVE-2023-2030 | Insufficient Verification of Data Authenticity vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which an attacker could potentially modify the metadata of signed commits. | 5.3 |
| 2023-12-24 | CVE-2023-51765 | Insufficient Verification of Data Authenticity vulnerability in multiple products sendmail through 8.17.2 allows SMTP smuggling in certain configurations. | 5.3 |
| 2023-12-24 | CVE-2023-51766 | Insufficient Verification of Data Authenticity vulnerability in multiple products Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. | 5.3 |
| 2023-12-24 | CVE-2023-51764 | Insufficient Verification of Data Authenticity vulnerability in multiple products Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). | 5.3 |
| 2023-12-21 | CVE-2023-51655 | Insufficient Verification of Data Authenticity vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration | 9.8 |
| 2023-12-11 | CVE-2023-45292 | Insufficient Verification of Data Authenticity vulnerability in Mojotv Base64Captcha When using the default implementation of Verify to check a Captcha, verification can be bypassed. | 5.3 |
| 2023-12-01 | CVE-2023-44402 | Insufficient Verification of Data Authenticity vulnerability in Electronjs Electron Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. | 7.0 |
| 2023-11-30 | CVE-2023-49087 | Insufficient Verification of Data Authenticity vulnerability in Simplesamlphp Saml2 and Xml-Security xml-security is a library that implements XML signatures and encryption. | 7.5 |
| 2023-11-17 | CVE-2023-48238 | Insufficient Verification of Data Authenticity vulnerability in Joaquimserafim Json web Token joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. | 7.5 |