Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-27 | CVE-2021-26610 | Insufficient Verification of Data Authenticity vulnerability in Nhn-Commerce Godomall5 The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. | 8.8 |
| 2021-10-04 | CVE-2021-38396 | Insufficient Verification of Data Authenticity vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. | 6.8 |
| 2021-09-29 | CVE-2021-22947 | Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. | 5.9 |
| 2021-09-28 | CVE-2021-41106 | Insufficient Verification of Data Authenticity vulnerability in JWT Project JWT JWT is a library to work with JSON Web Token and JSON Web Signature. | 3.3 |
| 2021-09-16 | CVE-2021-34572 | Insufficient Verification of Data Authenticity vulnerability in Enbra EWM 1.7.29 Enbra EWM 1.7.29 does not check for or detect replay attacks sent by wireless M-Bus Security mode 5 devices. | 6.5 |
| 2021-09-09 | CVE-2021-26608 | Insufficient Verification of Data Authenticity vulnerability in Handysoft Hshell 1.7.4.5/2.0.3.5/4.0.1.6 An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. | 9.8 |
| 2021-09-07 | CVE-2020-19768 | Insufficient Verification of Data Authenticity vulnerability in Tokensale Project Tokensale 1.0 A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows attackers to steal tokens from victim users via a crafted script. | 7.5 |
| 2021-09-07 | CVE-2020-19769 | Insufficient Verification of Data Authenticity vulnerability in Rtb1 Project Rtb1 1.0 A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows attackers to steal tokens from victim users via a crafted script. | 7.5 |
| 2021-09-03 | CVE-2021-40491 | Insufficient Verification of Data Authenticity vulnerability in multiple products The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. | 6.5 |
| 2021-08-30 | CVE-2021-37421 | Insufficient Verification of Data Authenticity vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass. | 9.8 |