
337 matches found

RedhatCVE
added 2025/05/23 10:40 a.m. · 10 views

CVE-2024-47563

A vulnerability has been identified in SINEC Security Monitor All versions V4.9.0. The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files. This could allow an unauthenticated remote attacker to create files in writable...

CVSS 6.9 · AI score 5.7 · EPSS 0.00537
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 10:10 a.m. · 6 views

CVE-2024-31454

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. The...

CVSS 6.5 · AI score 6.9 · EPSS 0.00524
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 8:36 a.m. · 17 views

CVE-2024-36505

An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system via another hypothetical exploit to bypass the file integrity...

CVSS 5.5 · AI score 6.9 · EPSS 0.00159
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 7:39 a.m. · 6 views

CVE-2024-31453

PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which allows users to create a path for uploading a file in a file distribution, allows an attacker to add arbitrary files to the distribution. The vulnerability...

CVSS 6.5 · AI score 6.7 · EPSS 0.00524
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 4:32 a.m. · 7 views

CVE-2023-5512

An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when specific HTML encoding is used for file names leading for incorrect...

CVSS 5.7 · AI score 6.3 · EPSS 0.00494
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 2:53 a.m. · 5 views

CVE-2023-1178

An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. File integrity may be compromised when source code or installation packages are pulled from a tag or from a...

CVSS 5.7 · AI score 7.1 · EPSS 0.00894
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 2:07 a.m. · 7 views

CVE-2023-6051

An issue has been discovered in GitLab CE/EE affecting all versions before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when source code or installation packages are pulled from a specific tag...

CVSS 6.5 · AI score 6.7 · EPSS 0.00615
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 4:51 p.m. · 6 views

CVE-2020-8602

A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution...

CVSS 7.2 · AI score 7.4 · EPSS 0.04235
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 4:10 p.m. · 6 views

CVE-2020-11614

Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...

CVSS 8.1 · AI score 6.9 · EPSS 0.00392
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 3:45 p.m. · 9 views

CVE-2020-15528

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks...

CVSS 9.3 · AI score 7.3 · EPSS 0.0134
Exploits: 0

OpenVAS
added 2025/05/07 12:00 a.m. · 3 views

Enable AIDE

Advanced Intrusion Detection Environment (AIDE) is an intrusion detection tool that checks the integrity of system files and directories and identifies those maliciously tampered with. In principle, the integrity check can be performed only after an AIDE benchmark database is constructed, which...

AI score 6.9
Exploits: 0 · References: 3

Packet Storm News
added 2025/04/07 12:00 a.m. · 6 views

AIDE 0.19

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...

AI score 7
Exploits: 0

Apple
added 2025/03/31 12:00 a.m. · 30 views

About the security content of macOS Sequoia 15.4

This document describes the security content of macOS Sequoia 15.4. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

CVSS 9.8 · AI score 7.7 · EPSS 0.01513
Exploits: 2 · References: 1 · Affected Software: 1

CVE
added 2025/03/03 3:27 p.m. · 68 views

CVE-2024-43169

CVE-2024-43169 affects IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1. The IBM security bulletin identifies the vulnerability as a Reflected File Download where a user could download a malicious file without verifying code integrity. The IBM CVSS context lists a...

CVSS 8.8 · AI score 8.5 · EPSS 0.00177
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment
added 2025/03/03 3:27 p.m. · 11 views

CVE-2024-43169 IBM Engineering Requirements Management DOORS Next file download

IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to download a malicious file without verifying the integrity of the code...

CVSS 8.8 · AI score 8.5 · EPSS 0.00177
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 10:52 p.m. · 13 views

CVE-2022-1823

Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execu...

CVSS 7.9 · AI score 7.3 · EPSS 0.00254
Exploits: 0 · References: 1

BDU FSTEC
added 2025/02/04 12:00 a.m. · 5 views

The vulnerability of the AppleMobileFileIntegrity component in the MacOS operating system allows a perpetrator to gain access to read and modify data.

The vulnerability of the AppleMobileFileIntegrity component in MacOS operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to gain access to read and modify data...

CVSS 5.5 · AI score 5.4 · EPSS 0.00218
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2025/01/27 12:00 a.m. · 3 views

PT-2025-5278 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3 Description: A logic issue was addressed with improved restrictions, which may allow an app to access information about a user's contacts. The issue is...

CVSS 3.3 · AI score 5.7 · EPSS 0.00241
Exploits: 0 · References: 10

NVD
added 2024/12/09 2:15 a.m. · 20 views

CVE-2024-55566

ColPack 1.0.10 through 9a7293a has a predictable temporary file located under /tmp with a name derived from an unseeded RNG. The impact can be overwriting files or making ColPack graphing unavailable to other users...

CVSS 6.6 · EPSS 0.00213
Exploits: 0 · References: 3

NVD
added 2024/11/14 10:15 p.m. · 9 views

CVE-2024-48974

The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to force unauthorized changes to the device's configuration settings and/or compromise device functionality by pushing a compromised/illegitimate firmware file. This...

CVSS 9.3 · EPSS 0.00155
Exploits: 0 · References: 1