Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-354 (完整性检查值验证不恰当) — Vulnerability Class 62

62 vulnerabilities classified as CWE-354 (完整性检查值验证不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-32105 xrdp: RDP MAC signature (dataSignature) never verified on receive — integrity bypass in non-TLS mode — xrdp 5.9AIMediumAI2026-04-17
CVE-2026-5479 wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag — wolfSSL 7.5 -2026-04-10
CVE-2026-5504 PKCS7 CBC Padding Oracle — Plaintext Recovery — wolfSSL 7.5AIHighAI2026-04-09
CVE-2026-26928 Lack of Dynamic Library Validation in SzafirHost — SzafirHost 9.8AICriticalAI2026-04-02
CVE-2026-28498 Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding — authlib 7.5 -2026-03-16
CVE-2026-32600 xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption — xml-security 8.2 High2026-03-13
CVE-2026-32313 xmlseclibs is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption — xmlseclibs 8.2 High2026-03-13
CVE-2026-31839 Striae has a hash validation utility vulnerability — striae 8.2 High2026-03-11
CVE-2026-28402 nimiq/core-rs-albatross's nimiq-blockchain missing proposal body root verification — core-rs-albatross 7.1 High2026-02-27
CVE-2026-26275 httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass — httpsig-rs 7.5 High2026-02-19
CVE-2026-25934 go-git improperly verifies data integrity values for .idx and .pack files — go-git 4.3 Medium2026-02-09
CVE-2025-11543 Sharp NP series 安全漏洞 — NP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG, NP-P502H, NP-P502W, NP-P452H, NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+ 7.7AIHighAI2025-12-22
CVE-2025-33193 NVIDIA DGX Spark 安全漏洞 — DGX Spark 5.7 Medium2025-11-25
CVE-2025-4616 Prisma Browser: Insufficient Validation of Untrusted Input Vulnerability in Prisma Browser — Prisma Browser 5.5 -2025-11-14
CVE-2024-7402 Netskope Client Configuration Tampering with Local MITM — Netskope Client 8.1AIHighAI2025-08-14
CVE-2025-54887 jwe: Missing AES-GCM authentication tag validation in encrypted JWEs — ruby-jwe 9.1 Critical2025-08-08
CVE-2025-7096 Comodo Internet Security Premium Manifest File cis_update_x64.xml integrity check — Internet Security Premium 8.1 High2025-07-06
CVE-2024-46992 Electron ASAR Integrity bypass by just modifying the content — electron 7.8 High2025-07-01
CVE-2025-39203 Hitachi Energy MicroSCADA X SYS600 安全漏洞 — MicroSCADA X SYS600 6.5 Medium2025-06-24
CVE-2025-4418 AVEVA PI Connector for CygNet Improper Validation of Integrity Check Value — PI Connector for CygNet 4.4 Medium2025-06-12
CVE-2025-3479 Forminator <= 1.42.0 - Order Replay Vulnerability — Forminator Forms – Contact Form, Payment Form & Custom Form Builder 5.3 Medium2025-04-17
CVE-2025-3247 Contact Form 7 <= 6.0.5 - Order Replay Vulnerability — Contact Form 7 5.3 Medium2025-04-16
CVE-2024-47573 Fortinet FortiNDR 安全漏洞 — FortiNDR 6.0 Medium2025-03-14
CVE-2024-47935 TXOne Networks StellarProtect (Legacy Mode), StellarEnforce, and Safe Lock Improper Validation of Integrity Check Value Vulnerability — StellarProtect (Legacy Mode) 6.7 Medium2025-02-17
CVE-2025-25183 vLLM using built-in hash() from Python 3.12 leads to predictable hash collisions in vLLM prefix cache — vllm 2.6 Low2025-02-07
CVE-2023-50738 A firmware downgrade prevention vulnerability has been identified in newer Lexmark devices. — Printer Firmware 4.3 Medium2025-01-17
CVE-2020-9210 Huawei Myna 安全漏洞 — Myna 6.8 Medium2024-12-27
CVE-2024-47255 2N Access Commander 安全漏洞 — 2N Access Commander 4.7 Medium2024-11-05
CVE-2024-48930 secp256k1-node vulnerable to private key extraction over ECDH — secp256k1-node 7.5AIHighAI2024-10-21
CVE-2024-47089 Unauthorized Transaction Manipulation Vulnerability — LD Geo 8.1AIHighAI2024-09-19

Vulnerabilities classified as CWE-354 (完整性检查值验证不恰当) represent 62 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.