337 matches found
CVE-2024-47563
A vulnerability has been identified in SINEC Security Monitor All versions V4.9.0. The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files. This could allow an unauthenticated remote attacker to create files in writable...
CVE-2024-31454
PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. The...
CVE-2024-36505
An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system via another hypothetical exploit to bypass the file integrity...
CVE-2024-31453
PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which allows users to create a path for uploading a file in a file distribution, allows an attacker to add arbitrary files to the distribution. The vulnerability...
CVE-2023-5512
An issue has been discovered in GitLab CE/EE affecting all versions from 16.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when specific HTML encoding is used for file names leading for incorrect...
CVE-2023-1178
An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. File integrity may be compromised when source code or installation packages are pulled from a tag or from a...
CVE-2023-6051
An issue has been discovered in GitLab CE/EE affecting all versions before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. File integrity may be compromised when source code or installation packages are pulled from a specific tag...
CVE-2020-8602
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution...
CVE-2020-11614
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
CVE-2020-15528
An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks...
Enable AIDE
Advanced intrusion detection environment AIDE is an intrusion detection tool that checks the integrity of system files and directories and identifies those maliciously tampered with. In principle, the integrity check can be performed only after an AIDE benchmark database is constructed, which...
AIDE 0.19
AIDE Advanced Intrusion Detection Environment is a free replacement for Tripwiretm. It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...
About the security content of macOS Sequoia 15.4
About the security content of macOS Sequoia 15.4 This document describes the security content of macOS Sequoia 15.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...
CVE-2024-43169
CVE-2024-43169 affects IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1. The IBM security bulletin identifies the vulnerability as a Reflected File Download where a user could download a malicious file without verifying code integrity. The IBM CVSS context lists a...
CVE-2024-43169 IBM Engineering Requirements Management DOORS Next file download
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to download a malicious file without verifying the integrity of the code...
CVE-2022-1823
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execu...
The vulnerability of the AppleMobileFileIntegrity component in the MacOS operating system allows a perpetrator to gain access to read and modify data.
The vulnerability of the AppleMobileFileIntegrity component in MacOS operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to gain access to read and modify data...
PT-2025-5278 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3 Description: A logic issue was addressed with improved restrictions, which may allow an app to access information about a user's contacts. The issue is...
CVE-2024-55566
ColPack 1.0.10 through 9a7293a has a predictable temporary file located under /tmp with a name derived from an unseeded RNG. The impact can be overwriting files or making ColPack graphing unavailable to other users...
CVE-2024-48974
The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to force unauthorized changes to the device's configuration settings and/or compromise device functionality by pushing a compromised/illegitimate firmware file. This...