Weaknesses of type CWE-345
369 resultsCVE-2018-10894MEDIUMIt was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use thiEPSS 0.4%CVE-2023-28863CRITICALAMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity.EPSS 0.4%CVE-2025-27735MEDIUMWindows Virtualization-Based Security (VBS) Security Feature Bypass VulnerabilityEPSS 0.4%CVE-2022-34845MEDIUMA firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packeEPSS 0.3%CVE-2021-21588MEDIUMDell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI. An unauthenticated attacEPSS 0.3%CVE-2025-66255CRITICALUnauthenticated Arbitrary File Upload (upgrade_contents.php)EPSS 0.3%CVE-2023-6236HIGHEap: oidc app attempting to access the second tenant, the user should be prompted to logEPSS 0.3%CVE-2023-6323MEDIUMThroughTek Kalay SDK insufficient verification of message authenticityEPSS 0.3%CVE-2026-25921CRITICALGogs: Cross-repository LFS object overwrite via missing content hash verificationEPSS 0.3%CVE-2022-32252MEDIUMA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity chEPSS 0.3%CVE-2023-37264LOWPipelines do not validate child UIDsEPSS 0.3%CVE-2025-8980HIGHTenda G1 Firmware Update check_upload_file data authenticityEPSS 0.3%CVE-2023-42782MEDIUMA insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauEPSS 0.3%CVE-2024-30250HIGHIn Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-listsEPSS 0.3%CVE-2022-26516HIGHICSA-22-104-03 Red Lion DA50NEPSS 0.3%CVE-2025-1944MEDIUMpicklescan ZIP archive manipulation attack leads to crashEPSS 0.3%CVE-2017-20180MEDIUMZerocoin libzerocoin Proof CoinSpend.cpp CoinSpend data authenticityEPSS 0.3%CVE-2023-48238HIGHJWT Algorithm Confusion in json-web-token libraryEPSS 0.3%CVE-2025-66570CRITICALcpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*)EPSS 0.3%CVE-2026-30223HIGHOliveTin: JWT Audience Validation Bypass in Local Key and HMAC ModesEPSS 0.3%