Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-345 (对数据真实性的验证不充分) — Vulnerability Class 218

218 vulnerabilities classified as CWE-345 (对数据真实性的验证不充分). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-41156 OndiskPlayer Remote Code Execution Vulnerability — OndiskPlayerAgent 7.8 High2022-11-25
CVE-2022-36111 immundb has insufficient verification of data authenticity — immudb 5.4 Medium2022-11-23
CVE-2022-39199 Lack of proper validation in immudb — immudb 5.8 Medium2022-11-22
CVE-2022-3703 ETIC Telecom Remote Access Server Insufficient Verification of Data Authenticity — Remote Access Server (RAS) 7.6 High2022-11-10
CVE-2022-0031 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine — Cortex XSOAR 6.7 Medium2022-11-09
CVE-2022-27513 Remote desktop takeover via phishing — Citrix Gateway, Citrix ADC 8.3 High2022-11-08
CVE-2022-34845 Robustel R1510 数据伪造问题漏洞 — R1510 7.5 -2022-10-25
CVE-2022-36360 Siemens LOGO! 8 BM 数据伪造问题漏洞 — LOGO! 8 BM (incl. SIPLUS variants) 7.5 -2022-10-11
CVE-2021-4122 cryptsetup 数据伪造问题漏洞 — cryptsetup 4.3 -2022-08-24
CVE-2022-2789 Emerson Proficy Machine Edition 数据伪造问题漏洞 — Proficy Machine Edition 4.7 Medium2022-08-19
CVE-2022-28757 Local Privilege Escalation in Auto Updater for Zoom Client for Meetings for macOS — Zoom Client for Meetings for MacOS 8.8 High2022-08-18
CVE-2020-1755 Moodle 数据伪造问题漏洞 — Moodle 5.3 -2022-08-16
CVE-2022-34763 多款Schneider Electric产品数据伪造问题漏洞 — OPC UA Modicon Communication Module 5.9 Medium2022-07-13
CVE-2022-31598 SAP Business Objects 数据伪造问题漏洞 — SAP Business Objects 5.4 -2022-07-12
CVE-2015-5236 icedtea-web 数据伪造问题漏洞 — Icedtea-web 8.1 -2022-07-07
CVE-2022-20829 Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability — Cisco Adaptive Security Appliance (ASA) Software 9.1 Critical2022-06-24
CVE-2022-31801 Insufficient Verification of Data Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool — MULTIPROG 9.8 Critical2022-06-21
CVE-2022-31800 Insufficient Verification of Data Vulnerability in PHOENIX CONTACT classic line industrial controllers — ILC 1x0 9.8 Critical2022-06-21
CVE-2022-32252 Siemens SINEMA Remote Connect Server 数据伪造问题漏洞 — SINEMA Remote Connect Server 6.5 Medium2022-06-14
CVE-2022-24889 Insufficient Verification of Data Authenticity in Nextcloud Server — security-advisories 2.4 Low2022-04-27
CVE-2022-20795 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) Software 5.8 Medium2022-04-21
CVE-2022-26516 ICSA-22-104-03 Red Lion DA50N — DA50N 8.4 High2022-04-20
CVE-2021-26625 tobesoft Nexacro arbitrary file download vulnerability — Nexacro 17 8.8 High2022-04-19
CVE-2022-20774 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability — Cisco IP Phone 7800 Series with Multiplatform Firmware 6.8 Medium2022-04-06
CVE-2021-4031 Syltek Insufficient Verification of Data Authenticity — Syltek 7.5 High2022-03-18
CVE-2021-24825 Custom Content Shortcode < 4.0.2 - Authenticated Arbitrary File Access / LFI — Custom Content Shortcode 4.3 -2022-03-07
CVE-2022-22567 Dell Client Commercial 数据伪造问题漏洞 — CPG BIOS 4.7 Medium2022-02-09
CVE-2022-22994 Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability on Western Digital My Cloud devices. — My Cloud 8.8 High2022-01-28
CVE-2020-10137 Silicon Labs 700 数据伪造问题漏洞 — UZB-7 6.5 -2022-01-09
CVE-2021-26315 AMD Platform Security Processor 数据伪造问题漏洞 — 3rd Gen AMD EPYC™ 7.8 -2021-11-16

Vulnerabilities classified as CWE-345 (对数据真实性的验证不充分) represent 218 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.