Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-345 (对数据真实性的验证不充分) — Vulnerability Class 218

218 vulnerabilities classified as CWE-345 (对数据真实性的验证不充分). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-0149 Zoom Apps - Insufficient Verification of Data Authenticity — Zoom Apps 6.5 Medium2025-03-11
CVE-2025-1945 picklescan - Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch — picklescan 9.8 -2025-03-10
CVE-2025-1944 picklescan ZIP archive manipulation attack leads to crash — picklescan 7.5 -2025-03-10
CVE-2025-27257 GE Vernova UR IED 数据伪造问题漏洞 — N60 multilin 6.1 Medium2025-03-10
CVE-2025-24903 libsignal-service-rs Doesn't Check Origin of Sync Messages — libsignal-service-rs 8.5 High2025-02-13
CVE-2025-24807 Fast DDS does not verify Permissions CA — Fast-DDS 9.1 -2025-02-11
CVE-2025-25188 DNSSEC validation may accept broken authentication chains — hickory-dns 8.8 -2025-02-10
CVE-2025-1108 Insufficient data authenticity vulnerability in Janto — Janto 8.6 High2025-02-07
CVE-2025-23415 BIG-IP APM Endpoint Inspection vulnerability — BIG-IP 3.1 Low2025-02-05
CVE-2024-55929 Mail spoofing — Xerox Workplace Suite 5.3 Medium2025-01-23
CVE-2025-21606 Local Privilege Escalation via Exposed XPC Method Due to Client Verification Failure in stats — stats 7.8 -2025-01-17
CVE-2024-54111 Huawei HarmonyOS 安全漏洞 — HarmonyOS 5.7 Medium2024-12-12
CVE-2024-12369 Elytron-oidc-client: oidc authorization code injection 4.2 Medium2024-12-09
CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass — 2K Indoor Wi-Fi Security Camera 6.7 Medium2024-12-03
CVE-2024-53259 quic-go affected by an ICMP Packet Too Large Injection Attack on Linux — quic-go 6.5 Medium2024-12-02
CVE-2022-33861 Insufficient verification of authenticity in IPP — Intelligent Power Protector 5.1 Medium2024-11-25
CVE-2024-11666 Unauthenticated Remote Command Injection in eCharge Salia PLCC — cph2_echarge_firmware 9.0 Critical2024-11-24
CVE-2024-8356 Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability — Infotainment 7.8 -2024-11-22
CVE-2024-7847 RSLogix™ 5 and RSLogix 500® Remote Code Execution Via VBA Embedded Script — RSLogix 500® 7.7 High2024-10-14
CVE-2024-47867 Lack of integrity check on the downloaded FRP client in Gradio — gradio 8.8AIHighAI2024-10-10
CVE-2024-47079 Unauthorized usage of remote hardware module because of missing channel verification — firmware 6.4 Medium2024-10-07
CVE-2024-23922 Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability — XAV-AX5500 6.8 Medium2024-09-23
CVE-2024-45410 HTTP client can remove the X-Forwarded headers in Traefik — traefik 9.8 Critical2024-09-19
CVE-2024-25584 Dovecot 安全漏洞 — OX Dovecot Pro 5.3 Medium2024-09-06
CVE-2024-37968 Windows DNS Spoofing Vulnerability — Windows Server 2019 7.5 High2024-08-13
CVE-2024-38198 Windows Print Spooler Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.5 High2024-08-13
CVE-2024-25638 DNSJava DNSSEC Bypass — dnsjava 8.9 High2024-07-22
CVE-2024-40644 gitoxide's gix-path can use a fake program files location — gitoxide 6.8 Medium2024-07-18
CVE-2024-39689 Certifi removes GLOBALTRUST root certificate — python-certifi 7.5 High2024-07-05
CVE-2024-5684 ID Charger Connect & Pro - JWT-Null-Algorithm — ID Charger Connect & Pro 6.3 Medium2024-06-06

Vulnerabilities classified as CWE-345 (对数据真实性的验证不充分) represent 218 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.