Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-24 | CVE-2018-7932 | Insufficient Verification of Data Authenticity vulnerability in Huawei Appgallery Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. | 6.8 |
| 2018-04-13 | CVE-2018-10080 | Insufficient Verification of Data Authenticity vulnerability in Secutech Project Ris-11 Firmware, Ris-22 Firmware and Ris-33 Firmware Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie. | 5.0 |
| 2018-01-31 | CVE-2017-1773 | Insufficient Verification of Data Authenticity vulnerability in IBM Datapower Gateway IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. | 4.3 |
| 2017-12-26 | CVE-2017-12740 | Insufficient Verification of Data Authenticity vulnerability in Siemens Logo! Soft Comfort Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communication channel. | 4.3 |
| 2017-12-16 | CVE-2017-14091 | Insufficient Verification of Data Authenticity vulnerability in Trendmicro Scanmail 12.0 A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory. | 7.6 |
| 2017-11-22 | CVE-2017-2701 | Insufficient Verification of Data Authenticity vulnerability in Huawei Mate 9 Firmware Mhaal00Ac00B125 Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. | 4.3 |
| 2017-10-13 | CVE-2017-10624 | Insufficient Verification of Data Authenticity vulnerability in Juniper Junos Space 15.1/15.2 Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. | 5.1 |
| 2017-10-12 | CVE-2017-10862 | Insufficient Verification of Data Authenticity vulnerability in Really Jwt-Scala jwt-scala 1.2.2 and earlier fails to verify token signatures correctly which may lead to an attacker being able to pass specially crafted JWT data as a correctly signed token. | 5.0 |
| 2017-09-20 | CVE-2015-9232 | Insufficient Verification of Data Authenticity vulnerability in Good for Enterprise 3.0.0.415 The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for its Authentication Delegation API intent. | 2.6 |
| 2017-08-20 | CVE-2017-12972 | Insufficient Verification of Data Authenticity vulnerability in Connect2Id Nimbus Jose+Jwt In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC. | 7.5 |