Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-26 | CVE-2021-46559 | Insufficient Verification of Data Authenticity vulnerability in Moxa Tn-5900 Firmware 3.1 The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection. | 7.5 |
| 2022-01-10 | CVE-2020-10137 | Insufficient Verification of Data Authenticity vulnerability in Silabs 700 Series Firmware and Uzb-7 Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events. | 6.5 |
| 2022-01-02 | CVE-2021-36751 | Insufficient Verification of Data Authenticity vulnerability in Encsecurity Datavault ENC DataVault 7.2.3 and before, and OEM versions, use an encryption algorithm that is vulnerable to data manipulation (without knowledge of the key). | 4.2 |
| 2021-12-28 | CVE-2020-7878 | Insufficient Verification of Data Authenticity vulnerability in 4NB Videooffice X2.9 An arbitrary file download and execution vulnerability was found in the VideoOffice X2.9 and earlier versions (CVE-2020-7878). | 9.8 |
| 2021-12-22 | CVE-2021-45419 | Insufficient Verification of Data Authenticity vulnerability in Starcharge products Certain Starcharge products are affected by Improper Input Validation. | 8.8 |
| 2021-12-10 | CVE-2021-37188 | Insufficient Verification of Data Authenticity vulnerability in Digi products An issue was discovered on Digi TransPort devices through 2021-07-21. | 8.8 |
| 2021-12-08 | CVE-2021-26103 | Insufficient Verification of Data Authenticity vulnerability in Fortinet Fortios and Fortiproxy An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . | 8.8 |
| 2021-11-29 | CVE-2019-8921 | Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in bluetoothd in BlueZ through 5.48. | 6.5 |
| 2021-11-16 | CVE-2021-26315 | Insufficient Verification of Data Authenticity vulnerability in AMD products When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used. | 7.8 |
| 2021-11-13 | CVE-2021-43616 | Insufficient Verification of Data Authenticity vulnerability in multiple products The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. | 9.8 |