Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-02 | CVE-2023-36858 | Insufficient Verification of Data Authenticity vulnerability in F5 products An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and macOS that may allow an attacker to modify its configured server list. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.5 |
| 2023-07-29 | CVE-2023-2314 | Insufficient Verification of Data Authenticity vulnerability in Google Chrome Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
| 2023-07-25 | CVE-2023-37920 | Insufficient Verification of Data Authenticity vulnerability in Kennethreitz Certifi Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. | 9.8 |
| 2023-07-13 | CVE-2023-30562 | Insufficient Verification of Data Authenticity vulnerability in BD Alaris Guardrails Editor 12.1.2 A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs. | 6.7 |
| 2023-07-13 | CVE-2023-25178 | Insufficient Verification of Data Authenticity vulnerability in Honeywell C300 Firmware Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning. | 9.8 |
| 2023-07-07 | CVE-2023-37264 | Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation Tekton Pipelines Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. | 4.3 |
| 2023-06-19 | CVE-2023-30759 | Insufficient Verification of Data Authenticity vulnerability in Ricoh Printer Driver Packager NX The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. | 7.8 |
| 2023-06-13 | CVE-2023-34113 | Insufficient Verification of Data Authenticity vulnerability in Zoom Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access. | 8.8 |
| 2023-06-09 | CVE-2023-2897 | Insufficient Verification of Data Authenticity vulnerability in Brizy The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. | 5.3 |
| 2023-06-07 | CVE-2023-2866 | Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5 If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | 7.8 |