Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-15222 | Insufficient Verification of Data Authenticity vulnerability in ORY Fosite In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. | 5.8 |
| 2020-09-09 | CVE-2020-15163 | Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation the Update Framework Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. | 4.9 |
| 2020-09-04 | CVE-2020-11493 | Insufficient Verification of Data Authenticity vulnerability in Foxitsoftware Phantompdf In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject. | 5.8 |
| 2020-08-29 | CVE-2020-25019 | Insufficient Verification of Data Authenticity vulnerability in Jitsi Meet Electron jitsi-meet-electron (aka Jitsi Meet Electron) before 2.3.0 calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances. | 4.3 |
| 2020-08-11 | CVE-2020-13178 | Insufficient Verification of Data Authenticity vulnerability in Teradici Graphics Agent and Pcoip Standard Agent A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20.04.1 does not properly validate the signature of an external binary, which could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process. | 4.6 |
| 2020-08-07 | CVE-2020-11985 | Insufficient Verification of Data Authenticity vulnerability in Apache Http Server IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. | 5.3 |
| 2020-07-28 | CVE-2020-15899 | Insufficient Verification of Data Authenticity vulnerability in Grin 3.0.0/3.1.0/3.1.1 Grin 3.0.0 before 4.0.0 has insufficient validation of data related to Mimblewimble. | 5.0 |
| 2020-07-15 | CVE-2020-15699 | Insufficient Verification of Data Authenticity vulnerability in Joomla Joomla! An issue was discovered in Joomla! through 3.9.19. | 5.0 |
| 2020-07-09 | CVE-2020-12406 | Insufficient Verification of Data Authenticity vulnerability in multiple products Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. | 8.8 |
| 2020-07-02 | CVE-2020-12119 | Insufficient Verification of Data Authenticity vulnerability in Ledger Live Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF). | 5.8 |