Vulnerabilities > Insufficient Verification of Data Authenticity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-07 | CVE-2023-37264 | Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation Tekton Pipelines Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. | 4.3 |
| 2023-06-19 | CVE-2023-30759 | Insufficient Verification of Data Authenticity vulnerability in Ricoh Printer Driver Packager NX The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. | 7.8 |
| 2023-06-09 | CVE-2023-2897 | Insufficient Verification of Data Authenticity vulnerability in Brizy The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.4.18. | 5.3 |
| 2023-06-07 | CVE-2023-2866 | Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5 If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | 7.8 |
| 2023-05-31 | CVE-2023-2987 | Insufficient Verification of Data Authenticity vulnerability in Wordapp 1.5.0 The Wordapp plugin for WordPress is vulnerable to authorization bypass due to an use of insufficiently unique cryptographic signature on the 'wa_pdx_op_config_set' function in versions up to, and including, 1.5.0. | 9.8 |
| 2023-05-22 | CVE-2023-28386 | Insufficient Verification of Data Authenticity vulnerability in Snapone Orvc Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. | 9.8 |
| 2023-05-16 | CVE-2023-32993 | Insufficient Verification of Data Authenticity vulnerability in Jenkins Saml Single Sign on Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | 4.8 |
| 2023-05-11 | CVE-2023-31502 | Insufficient Verification of Data Authenticity vulnerability in Apsystems Alternergy Power Control Software C1.2.5 Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the component /models/management_model.php. | 7.2 |
| 2023-05-09 | CVE-2022-4537 | Insufficient Verification of Data Authenticity vulnerability in Wpplugins Hide MY WP Ghost The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 5.0.18. | 6.5 |
| 2023-05-09 | CVE-2022-44420 | Insufficient Verification of Data Authenticity vulnerability in Google Android In modem, there is a possible missing verification of HashMME value in Security Mode Command. | 5.5 |