Vulnerabilities > Insufficient Verification of Data Authenticity

DATE CVE VULNERABILITY TITLE RISK
2021-07-09 CVE-2021-36367 Insufficient Verification of Data Authenticity vulnerability in Putty
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response.
network
low complexity
putty CWE-345
8.1
2021-06-24 CVE-2021-23998 Insufficient Verification of Data Authenticity vulnerability in Mozilla Firefox
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page.
network
mozilla CWE-345
4.3
2021-06-24 CVE-2021-29963 Insufficient Verification of Data Authenticity vulnerability in Mozilla Firefox
Address bar search suggestions in private browsing mode were re-using session data from normal mode.
network
mozilla CWE-345
4.3
2021-06-15 CVE-2021-33887 Insufficient Verification of Data Authenticity vulnerability in Onepeloton Ttr01 Firmware Ptv55G
Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows an attacker with physical access to boot into a modified kernel/ramdisk without unlocking the bootloader.
local
low complexity
onepeloton CWE-345
7.2
2021-06-08 CVE-2021-33712 Insufficient Verification of Data Authenticity vulnerability in Mendix Saml
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2).
network
low complexity
mendix CWE-345
6.5
2021-06-04 CVE-2021-33840 Insufficient Verification of Data Authenticity vulnerability in Luca-App Luca
The server in Luca through 1.1.14 allows remote attackers to cause a denial of service (insertion of many fake records related to COVID-19) because Phone Number data lacks a digital signature.
network
low complexity
luca-app CWE-345
5.0
2021-06-03 CVE-2021-32665 Insufficient Verification of Data Authenticity vulnerability in Wire
wire-ios is the iOS version of Wire, an open-source secure messaging app.
network
low complexity
wire CWE-345
5.0
2021-06-02 CVE-2021-28678 Insufficient Verification of Data Authenticity vulnerability in multiple products
An issue was discovered in Pillow before 8.2.0.
local
low complexity
python fedoraproject CWE-345
5.5
2021-05-28 CVE-2021-20267 Insufficient Verification of Data Authenticity vulnerability in multiple products
A flaw was found in openstack-neutron's default Open vSwitch firewall rules.
network
low complexity
openstack redhat CWE-345
7.1
2021-05-24 CVE-2020-28900 Insufficient Verification of Data Authenticity vulnerability in Nagios Fusion and Nagios XI
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.
network
low complexity
nagios CWE-345
critical
10.0