Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-24 | CVE-2017-3224 | Insufficient Verification of Data Authenticity vulnerability in multiple products Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. | 8.2 |
| 2018-07-10 | CVE-2018-2434 | Insufficient Verification of Data Authenticity vulnerability in SAP Netweaver, UI Infra and User Interface Technology A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). | 4.3 |
| 2018-06-17 | CVE-2018-12333 | Insufficient Verification of Data Authenticity vulnerability in Ecos Secure Boot Stick Firmware 5.6.5 Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code. | 8.1 |
| 2018-06-08 | CVE-2017-1405 | Insufficient Verification of Data Authenticity vulnerability in IBM Security Identity Manager 7.0/7.0.1 IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. | 4.9 |
| 2018-05-18 | CVE-2018-6562 | Insufficient Verification of Data Authenticity vulnerability in Totemo Totemomail Encryption Gateway totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack. | 7.5 |
| 2018-04-24 | CVE-2018-7932 | Insufficient Verification of Data Authenticity vulnerability in Huawei Appgallery Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. | 8.8 |
| 2018-04-13 | CVE-2018-10080 | Insufficient Verification of Data Authenticity vulnerability in Secutech Project Ris-11 Firmware, Ris-22 Firmware and Ris-33 Firmware Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie. | 8.6 |
| 2018-01-31 | CVE-2017-1773 | Insufficient Verification of Data Authenticity vulnerability in IBM Datapower Gateway IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. | 4.0 |
| 2017-12-26 | CVE-2017-12740 | Insufficient Verification of Data Authenticity vulnerability in Siemens Logo! Soft Comfort Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communication channel. | 5.9 |
| 2017-12-16 | CVE-2017-14091 | Insufficient Verification of Data Authenticity vulnerability in Trendmicro Scanmail 12.0 A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory. | 7.5 |