Description
The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.
Extended Description
Attackers might be able to modify the message and spoof the endpoint by interfering with the data as it crosses the network or by redirecting the connection to a system under their control.
CVE vulnerabilities with CWE-924 (40)
9.4
CVSS
CRITICAL
CVE-2025-29628
pub. 2025-07-25
9.1
CVSS
CRITICAL
CVE-2024-44730
pub. 2024-10-11
9.1
CVSS
CRITICAL
CVE-2020-5869
pub. 2020-04-24
9.0
CVSS
CRITICAL
CVE-2024-3596
pub. 2024-07-09
8.8
CVSS
HIGH
CVE-2019-25719
pub. 2026-06-02
8.8
CVSS
HIGH
CVE-2025-0592
pub. 2025-02-14
8.6
CVSS
HIGH
CVE-2021-34793
pub. 2021-10-27
8.1
CVSS
HIGH
CVE-2023-6408
pub. 2024-02-14
8.1
CVSS
HIGH
CVE-2023-2885
pub. 2023-05-25
8.1
CVSS
HIGH
CVE-2021-41034
pub. 2021-09-29
8.1
CVSS
HIGH
CVE-2018-7295
pub. 2018-05-23
7.8
CVSS
HIGH
CVE-2020-11639
pub. 2024-07-23
7.5
CVSS
HIGH
CVE-2026-12576
pub. 2026-07-01
7.5
CVSS
HIGH
CVE-2024-8933
pub. 2024-11-13
7.5
CVSS
HIGH
CVE-2024-43450
pub. 2024-11-12
7.5
CVSS
HIGH
CVE-2023-49933
pub. 2023-12-14
7.5
CVSS
HIGH
CVE-2022-3166
pub. 2022-12-16
6.5
CVSS
MEDIUM
CVE-2026-39827
pub. 2026-05-22
6.5
CVSS
MEDIUM
CVE-2021-21390
pub. 2021-03-19
6.5
CVSS
MEDIUM
CVE-2019-20844
pub. 2020-06-19
Showing 20 of 40 vulnerabilities