Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-31 | CVE-2019-10181 | Insufficient Verification of Data Authenticity vulnerability in multiple products It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. | 8.1 |
| 2019-07-25 | CVE-2019-13483 | Insufficient Verification of Data Authenticity vulnerability in Auth0 Passport-Sharepoint 0.3.0 Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signature of an Access Token before processing. | 7.5 |
| 2019-07-10 | CVE-2019-12804 | Insufficient Verification of Data Authenticity vulnerability in Hunesion I-Onenet In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft malicious file and use it as an update. | 5.5 |
| 2019-07-06 | CVE-2019-1932 | Insufficient Verification of Data Authenticity vulnerability in Cisco Advanced Malware Protection FOR Endpoints 6.2(3) A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. | 7.2 |
| 2019-06-07 | CVE-2019-12504 | Insufficient Verification of Data Authenticity vulnerability in Inateck Wp2002 Firmware Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP2002 is prone to keystroke injection attacks. | 8.3 |
| 2019-06-05 | CVE-2019-1880 | Insufficient Verification of Data Authenticity vulnerability in Cisco Unified Computing System Server Firmware A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. | 2.1 |
| 2019-06-04 | CVE-2019-5587 | Insufficient Verification of Data Authenticity vulnerability in Fortinet Fortios Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods. | 4.0 |
| 2019-05-06 | CVE-2019-5431 | Insufficient Verification of Data Authenticity vulnerability in Twitter KIT This vulnerability was caused by an incomplete fix to CVE-2017-0911. | 5.5 |
| 2019-04-24 | CVE-2019-3786 | Insufficient Verification of Data Authenticity vulnerability in Cloudfoundry Bosh Backup and Restore Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. | 4.0 |
| 2019-04-22 | CVE-2019-11235 | Insufficient Verification of Data Authenticity vulnerability in multiple products FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499. | 7.5 |