Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-25 | CVE-2023-37920 | Insufficient Verification of Data Authenticity vulnerability in multiple products Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. | 9.8 |
| 2023-07-13 | CVE-2023-30562 | Insufficient Verification of Data Authenticity vulnerability in BD Alaris Guardrails Editor 12.1.2 A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs. | 6.7 |
| 2023-07-13 | CVE-2023-25178 | Insufficient Verification of Data Authenticity vulnerability in Honeywell C300 Firmware Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning. | 9.8 |
| 2023-06-19 | CVE-2023-30759 | Insufficient Verification of Data Authenticity vulnerability in Ricoh Printer Driver Packager NX 1.0.02/1.1.25 The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. | 7.8 |
| 2023-06-09 | CVE-2023-2897 | Insufficient Verification of Data Authenticity vulnerability in Brizy The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. | 5.3 |
| 2023-06-07 | CVE-2023-2866 | Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5 If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | 7.8 |
| 2023-05-31 | CVE-2023-2987 | Insufficient Verification of Data Authenticity vulnerability in Wordapp 1.5.0 The Wordapp plugin for WordPress is vulnerable to authorization bypass due to an use of insufficiently unique cryptographic signature on the 'wa_pdx_op_config_set' function in versions up to, and including, 1.5.0. | 9.8 |
| 2023-05-16 | CVE-2023-32993 | Insufficient Verification of Data Authenticity vulnerability in Jenkins Saml Single Sign on Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | 4.8 |
| 2023-05-11 | CVE-2023-31502 | Insufficient Verification of Data Authenticity vulnerability in Apsystems Alternergy Power Control Software C1.2.5 Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the component /models/management_model.php. | 7.2 |
| 2023-05-09 | CVE-2022-4537 | Insufficient Verification of Data Authenticity vulnerability in Wpplugins Hide MY WP Ghost The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.0.18. | 6.5 |