Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-07 | CVE-2015-5236 | Insufficient Verification of Data Authenticity vulnerability in Icedtea-Web Project Icedtea-Web It was discovered that the IcedTea-Web used codebase attribute of the <applet> tag on the HTML page that hosts Java applet in the Same Origin Policy (SOP) checks. | 7.5 |
| 2022-06-24 | CVE-2022-20829 | Insufficient Verification of Data Authenticity vulnerability in Cisco products A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. | 7.2 |
| 2022-06-21 | CVE-2022-31800 | Insufficient Verification of Data Authenticity vulnerability in Phoenixcontact products An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. | 9.8 |
| 2022-06-21 | CVE-2022-31801 | Insufficient Verification of Data Authenticity vulnerability in multiple products An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. | 9.8 |
| 2022-06-14 | CVE-2022-32252 | Insufficient Verification of Data Authenticity vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). | 7.8 |
| 2022-06-09 | CVE-2022-31813 | Insufficient Verification of Data Authenticity vulnerability in multiple products Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. | 9.8 |
| 2022-06-08 | CVE-2022-28385 | Insufficient Verification of Data Authenticity vulnerability in Verbatim products An issue was discovered in certain Verbatim drives through 2022-03-31. | 4.6 |
| 2022-05-31 | CVE-2022-29220 | Insufficient Verification of Data Authenticity vulnerability in Fastify Github Action Merge Dependabot github-action-merge-dependabot is an action that automatically approves and merges dependabot pull requests (PRs). | 6.5 |
| 2022-05-12 | CVE-2021-26368 | Insufficient Verification of Data Authenticity vulnerability in AMD products Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service. | 4.4 |
| 2022-05-06 | CVE-2021-27759 | Insufficient Verification of Data Authenticity vulnerability in Hcltech Bigfix Inventory This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. | 6.5 |