CWE-345

Insufficient Verification of Data Authenticity

Parent: CWE-693 - Protection Mechanism Failure

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

593 vulnerabilities with CWE-345
CVE-2021-24825 MEDIUM
WordPress Custom Content Shortcode <4.0.2 - Local File Inclusion
CVSS 4.3
CVE-2021-29655 CRITICAL
Pexip Infinity Connect < 1.8.0 - Unauthenticated Remote Code Execution via Provisioning Authenticity Bypass
CVSS 9.8
CVE-2021-44850 MEDIUM
Xilinx Zynq-7000 SoC Firmware - Buffer Overflow via Modified SD Boot Image Header
CVSS 6.8
CVE-2021-46559 HIGH
Moxa TN-5900 Firmware < 3.1 - Insufficient Verification of Data Authenticity
CVSS 7.5
CVE-2021-36751 MEDIUM
ENC DataVault < 7.2.3 - Ciphertext Malleability via Missing Integrity Check
CVSS 4.2
CVE-2021-45419 HIGH
Starcharge Titan 180 Premium <1.3.0.0.6 & Nova 360 <=1.3.0.0.7b102 - Input Validation Flaw
CVSS 8.8
CVE-2021-37188 HIGH
Digi TransPort DR64, VC74, WR11, WR11 XT, WR21, WR31, WR41, WR44 Firmware Authenticated Tampering
CVSS 8.8
CVE-2021-26103 MEDIUM
FortiProxy < 1.2.11 and FortiGate < 6.2.9, 6.4.6, 7.0.0 - Unauthenticated Cross-Site Request Forgery via SSL VPN Portal
CVSS 6.3
CVE-2021-26315 HIGH
AMD Epyc 7003 Firmware - Data Authenticity Bypass
CVSS 7.8
CVE-2021-43616 CRITICAL
npm 7.0.0-8.1.3 - Insufficient Verification of Data Authenticity in npm ci Command
CVSS 9.0
CVE-2021-41203 HIGH
TensorFlow <2.7.0 - Memory Corruption
CVSS 7.8
CVE-2021-22460 MEDIUM
HarmonyOS - Insufficient Verification of Data Authenticity
CVSS 5.5
CVE-2021-26610 HIGH
godomall5 - Remote Code Execution via Unchecked File Upload
CVSS 7.2
CVE-2021-38396 MEDIUM
Programmer Installation Utility - Code Injection
CVSS 6.5
CVE-2021-22947 MEDIUM
curl >=7.20.0 <=7.78.0 - Info Disclosure
CVSS 5.9
CVE-2021-41106 MEDIUM
JWT <3.4.6, 4.0.4, 4.1.5 - Info Disclosure
CVSS 4.4
CVE-2021-41087 MEDIUM
in-toto-golang - Privilege Escalation
CVSS 5.6
CVE-2021-34572 MEDIUM
Enbra EWM 1.7.29 - Insufficient Verification of Data Authenticity in Wireless M-Bus Security Mode 5
CVSS 6.5
CVE-2021-26608 HIGH
Handysoft Co., Ltd - File Download/Execution
CVSS 8.8
CVE-2021-40491 MEDIUM
GNU Inetutils <2.2 - Info Disclosure
CVSS 6.5
CVE-2021-37421 CRITICAL
Zoho ManageEngine ADSelfService Plus < 6.1 - Admin Portal Access-Restriction Bypass
CVSS 9.8
CVE-2021-1586 HIGH
Cisco NX-OS - Unauthenticated Denial of Service via Crafted TCP Traffic
CVSS 8.6
CVE-2021-39158 HIGH
NVCaffe < 0.17.4 - Dependency Confusion via Malicious PyPI Package
CVSS 8.8
CVE-2021-38597 MEDIUM
wolfSSL < 4.8.1 - Insufficient Verification of Data Authenticity via OCSP NoCheck Extension
CVSS 5.9
CVE-2021-21739 MEDIUM
ZTE ZXCTN 6120H Firmware V5.10.00B24 - Insufficient Verification of Data Authenticity
CVSS 4.6
Details
Vulnerabilities 593
Links
MITRE CWE Entry Search this CWE With Exploits