Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-29 | CVE-2022-26871 | Insufficient Verification of Data Authenticity vulnerability in Trendmicro Apex Central and Apex ONE An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. | 9.8 |
| 2022-03-18 | CVE-2021-4031 | Insufficient Verification of Data Authenticity vulnerability in Syltek Syltek application before its 10.22.00 version, does not correctly check that a product ID has a valid payment associated to it. | 5.0 |
| 2022-03-16 | CVE-2021-39689 | Insufficient Verification of Data Authenticity vulnerability in Google Android 12.0 In multiple functions of odsign_main.cpp, there is a possible way to persist system attack due to a logic error in the code. | 7.2 |
| 2022-03-10 | CVE-2020-14111 | Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50/1.1.12 A command injection vulnerability exists in the Xiaomi Router AX3600. | 7.2 |
| 2022-03-10 | CVE-2020-14115 | Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50 A command injection vulnerability exists in the Xiaomi Router AX3600. | 10.0 |
| 2022-03-09 | CVE-2022-0715 | Insufficient Verification of Data Authenticity vulnerability in Schneider-Electric products A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. | 9.1 |
| 2022-03-07 | CVE-2021-24825 | Insufficient Verification of Data Authenticity vulnerability in Custom Content Shortcode Project Custom Content Shortcode The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display arbitrary files from the filesystem (such as logs, .htaccess etc), as well as perform Local File Inclusion attacks as PHP files will be executed. | 4.0 |
| 2022-02-25 | CVE-2022-25262 | Insufficient Verification of Data Authenticity vulnerability in Jetbrains HUB In JetBrains Hub before 2022.1.14434, SAML request takeover was possible. | 9.8 |
| 2022-02-18 | CVE-2021-29655 | Insufficient Verification of Data Authenticity vulnerability in Pexip Infinity Connect Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. | 7.5 |
| 2022-02-10 | CVE-2021-44850 | Insufficient Verification of Data Authenticity vulnerability in AMD products On Xilinx Zynq-7000 SoC devices, physical modification of an SD boot image allows for a buffer overflow attack in the ROM. | 6.8 |