Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-30 | CVE-2024-38432 | Insufficient Verification of Data Authenticity vulnerability in Matrix-Globalservices Tafnit Matrix Tafnit v8 - CWE-646: Reliance on File Name or Extension of Externally-Supplied File | 9.8 |
| 2024-07-16 | CVE-2024-3173 | Insufficient Verification of Data Authenticity vulnerability in Google Chrome Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. | 8.8 |
| 2024-06-24 | CVE-2024-33687 | Insufficient Verification of Data Authenticity vulnerability in Omron products Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. | 7.5 |
| 2024-06-21 | CVE-2022-44593 | Insufficient Verification of Data Authenticity vulnerability in Solidwp Solid Security Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1. | 5.3 |
| 2024-06-09 | CVE-2024-5458 | Insufficient Verification of Data Authenticity vulnerability in multiple products In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. | 5.3 |
| 2024-06-06 | CVE-2024-5684 | Insufficient Verification of Data Authenticity vulnerability in VW products An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the password authentication to the web configuration interface and then has full access as the user would have. | 8.8 |
| 2024-06-06 | CVE-2024-3049 | Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in Booth, a cluster ticket manager. | 5.9 |
| 2024-05-14 | CVE-2023-45586 | Insufficient Verification of Data Authenticity vulnerability in Fortinet Fortios and Fortiproxy An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets. | 5.0 |
| 2024-02-13 | CVE-2023-20570 | Insufficient Verification of Data Authenticity vulnerability in AMD products Insufficient verification of data authenticity in the configuration state machine may allow a local attacker to potentially load arbitrary bitstreams. | 3.3 |
| 2024-02-03 | CVE-2023-32329 | Insufficient Verification of Data Authenticity vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. | 5.5 |