Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-02 | CVE-2022-26122 | Insufficient Verification of Data Authenticity vulnerability in Fortinet Fortimail and Fortios An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64. | 8.6 |
| 2022-10-25 | CVE-2022-34845 | Insufficient Verification of Data Authenticity vulnerability in Robustel R1510 Firmware 3.1.16/3.3.0 A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. | 2.7 |
| 2022-09-13 | CVE-2022-20396 | Insufficient Verification of Data Authenticity vulnerability in Google Android 12.1/13.0 In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. | 5.5 |
| 2022-09-01 | CVE-2022-36130 | Insufficient Verification of Data Authenticity vulnerability in Hashicorp Boundary HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct scopes, allowing potential privilege escalation for authorized users of another scope. | 9.9 |
| 2022-08-29 | CVE-2022-38625 | Insufficient Verification of Data Authenticity vulnerability in Patlite products Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during the upgrade firmware file upload process. | 8.8 |
| 2022-08-25 | CVE-2022-2255 | Insufficient Verification of Data Authenticity vulnerability in multiple products A vulnerability was found in mod_wsgi. | 7.5 |
| 2022-08-24 | CVE-2021-4122 | Insufficient Verification of Data Authenticity vulnerability in Cryptsetup Project Cryptsetup It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. | 4.3 |
| 2022-08-19 | CVE-2022-2789 | Insufficient Verification of Data Authenticity vulnerability in Emerson Electric'S Proficy Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic. | 5.5 |
| 2022-08-19 | CVE-2022-2793 | Insufficient Verification of Data Authenticity vulnerability in Emerson Electric'S Proficy Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol. | 7.8 |
| 2022-08-17 | CVE-2022-30262 | Insufficient Verification of Data Authenticity vulnerability in Emerson products The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity. | 7.8 |