Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-04 | CVE-2019-7323 | Insufficient Verification of Data Authenticity vulnerability in Logmx GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. | 5.1 |
| 2018-12-19 | CVE-2018-15801 | Insufficient Verification of Data Authenticity vulnerability in VMWare Spring Framework 5.1.0/5.1.1 Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. | 5.8 |
| 2018-11-02 | CVE-2018-7798 | Insufficient Verification of Data Authenticity vulnerability in Schneider-Electric Somachine Basic A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when remotely connected to the device. | 6.4 |
| 2018-10-03 | CVE-2018-17938 | Insufficient Verification of Data Authenticity vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration before 8.8.10 GA allows text content spoofing via a loginErrorCode value. | 5.0 |
| 2018-08-10 | CVE-2018-10626 | Insufficient Verification of Data Authenticity vulnerability in Medtronic products A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. | 3.8 |
| 2018-07-24 | CVE-2017-3224 | Insufficient Verification of Data Authenticity vulnerability in multiple products Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. | 4.3 |
| 2018-07-10 | CVE-2018-2434 | Insufficient Verification of Data Authenticity vulnerability in SAP Netweaver, UI Infra and User Interface Technology A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). | 4.3 |
| 2018-06-17 | CVE-2018-12333 | Insufficient Verification of Data Authenticity vulnerability in Ecos Secure Boot Stick Firmware 5.6.5 Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code. | 6.8 |
| 2018-06-08 | CVE-2017-1405 | Insufficient Verification of Data Authenticity vulnerability in IBM Security Identity Manager 7.0/7.0.1 IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. | 4.0 |
| 2018-05-18 | CVE-2018-6562 | Insufficient Verification of Data Authenticity vulnerability in Totemo Totemomail Encryption Gateway totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack. | 5.0 |