| CVE-2026-45787 |
2026-05-28 |
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confide… |
| CVE-2026-42428 |
2026-04-28 |
OpenClaw versions before 2026.4.8 fail to enforce integrity verification on downloaded plugin archives. Attackers can install malicious or tampered plugin packages without detection, compromising the … |
| CVE-2026-33261 |
2026-04-22 |
A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service. |
| CVE-2026-3856 |
2026-03-17 |
IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmis… |
| CVE-2025-10010 |
2026-02-24 |
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separ… |
| CVE-2025-15364 |
2026-01-06 |
The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.40. This is due to the plugin not properly validating a u… |
| CVE-2026-21437 |
2026-01-01 |
eopkg is a Solus package manager implemented in python3. In versions prior to 4.4.0, a malicious package could include files that are not tracked by `eopkg`. This requires the installation of a packag… |
| CVE-2025-65203 |
2025-12-17 |
KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents rendered under a browser-enforced CSP directive and iframe attribute sandbox, allowing attacker-controlled… |
| CVE-2024-46917 |
2025-08-29 |
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of /root during integrity validation. This allows code execution, recovery of TPM Disk Encry… |
| CVE-2025-48500 |
2025-08-13 |
A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a ma… |
| CVE-2025-48811 |
2025-07-08 |
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. |
| CVE-2025-48803 |
2025-07-08 |
Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. |
| CVE-2025-32890 |
2025-05-01 |
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves mess… |
| CVE-2025-32882 |
2025-05-01 |
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves m… |
| CVE-2024-47123 |
2024-09-26 |
The goTenna Pro App uses AES CTR type encryption for short, encrypted
messages without any additional integrity checking mechanisms. This
leaves messages malleable to an attacker that can access the… |
| CVE-2024-43108 |
2024-09-26 |
The goTenna Pro ATAK Plugin uses AES CTR type encryption for short,
encrypted messages without any additional integrity checking mechanisms.
This leaves messages malleable to an attacker that can ac… |
| CVE-2023-28865 |
2024-08-08 |
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0 SR02 fails to validate the directory contents of certain directories (e.g., ensuring the expected hash… |
| CVE-2024-27817 |
2024-06-10 |
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, … |
| CVE-2023-32475 |
2024-06-07 |
Dell BIOS contains a missing support for integrity check vulnerability. An attacker with physical access to the system could potentially bypass security mechanisms to run arbitrary code on the system.… |
| CVE-2022-24404 |
2023-10-19 |
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion.… |