Vulnerabilities > Insufficient Verification of Data Authenticity

DATE CVE VULNERABILITY TITLE RISK
2021-11-16 CVE-2021-26315 Insufficient Verification of Data Authenticity vulnerability in AMD products
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used.
local
low complexity
amd CWE-345
4.6
2021-11-13 CVE-2021-43616 Insufficient Verification of Data Authenticity vulnerability in Npmjs NPM
The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json.
network
low complexity
npmjs CWE-345
7.5
2021-11-10 CVE-2020-23906 Insufficient Verification of Data Authenticity vulnerability in Ffmpeg 4.2
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.
network
ffmpeg CWE-345
4.3
2021-11-05 CVE-2021-41203 Insufficient Verification of Data Authenticity vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
local
low complexity
google CWE-345
4.6
2021-10-28 CVE-2021-22460 Insufficient Verification of Data Authenticity vulnerability in Huawei Harmonyos 2.0
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability.
local
low complexity
huawei CWE-345
2.1
2021-10-27 CVE-2021-26610 Insufficient Verification of Data Authenticity vulnerability in Nhn-Commerce Godomall5
The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file.
network
low complexity
nhn-commerce CWE-345
6.5
2021-10-04 CVE-2021-38396 Insufficient Verification of Data Authenticity vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware
The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive.
local
low complexity
bostonscientific CWE-345
4.6
2021-09-29 CVE-2021-22947 Insufficient Verification of Data Authenticity vulnerability in multiple products
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches.
4.3
2021-09-28 CVE-2021-41106 Insufficient Verification of Data Authenticity vulnerability in JWT Project JWT
JWT is a library to work with JSON Web Token and JSON Web Signature.
local
low complexity
jwt-project CWE-345
2.1
2021-09-16 CVE-2021-34572 Insufficient Verification of Data Authenticity vulnerability in Enbra EWM 1.7.29
Enbra EWM 1.7.29 does not check for or detect replay attacks sent by wireless M-Bus Security mode 5 devices.
low complexity
enbra CWE-345
3.3