Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-26103 | Insufficient Verification of Data Authenticity vulnerability in Fortinet Fortios and Fortiproxy An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . | 8.8 |
| 2021-11-29 | CVE-2019-8921 | Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in bluetoothd in BlueZ through 5.48. | 6.5 |
| 2021-11-16 | CVE-2021-26315 | Insufficient Verification of Data Authenticity vulnerability in AMD products When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently decrypts an encrypted FW, due to insufficient verification of the integrity of decrypted image, arbitrary code may be executed in the PSP when encrypted firmware images are used. | 7.8 |
| 2021-11-13 | CVE-2021-43616 | Insufficient Verification of Data Authenticity vulnerability in multiple products The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. | 9.8 |
| 2021-11-10 | CVE-2020-23906 | Insufficient Verification of Data Authenticity vulnerability in Ffmpeg 4.2 FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity. | 5.5 |
| 2021-10-28 | CVE-2021-22460 | Insufficient Verification of Data Authenticity vulnerability in Huawei Harmonyos 2.0 A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. | 5.5 |
| 2021-10-27 | CVE-2021-26610 | Insufficient Verification of Data Authenticity vulnerability in Nhn-Commerce Godomall5 The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. | 8.8 |
| 2021-10-04 | CVE-2021-38396 | Insufficient Verification of Data Authenticity vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. | 6.8 |
| 2021-09-29 | CVE-2021-22947 | Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. | 5.9 |
| 2021-09-28 | CVE-2021-41106 | Insufficient Verification of Data Authenticity vulnerability in JWT Project JWT JWT is a library to work with JSON Web Token and JSON Web Signature. | 3.3 |