Lucene search
K

5 matches found

NVD
NVD
added 2026/01/07 10:15 p.m.11 views

CVE-2025-69263

pnpm is a package manager. Versions 10.26.2 and below store HTTP tarball dependencies and git-hosted tarballs in the lockfile without integrity hashes. This allows the remote server to serve different content on each install, even when a lockfile is committed. An attacker who publishes a package...

8.8CVSS0.0031EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/10/24 12:0 a.m.5 views

Light & Wonder Deck Mate 安全漏洞

Light & Wonder Deck Mate is an automated licensing device from Light & Wonder, UK. A security vulnerability exists in Light & Wonder Deck Mate that stems from a lack of secure boot chain validation and runtime integrity validation, which could allow a physically accessible attacker to modify or...

7CVSS7.3AI score0.00197EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.2 views

SUSE CVE-2013-1629

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...

6.8CVSS7.5AI score0.06217EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/06/08 12:0 a.m.5 views

Verbatim Keypad Secure USB Drive 数据伪造问题漏洞

The Verbatim Keypad Secure USB Drive is a hardware encrypted USB flash drive from Verbatim, a Chinese company. A security vulnerability in the Verbatim Keypad Secure USB Drive, which stems from a lack of integrity checking, can be exploited by an attacker to store and execute malware on an emulat...

4.6CVSS5.3AI score0.00316EPSS
Exploits1References11
BDU FSTEC
BDU FSTEC
added 2020/02/27 12:0 a.m.4 views

The vulnerability of the wpa_supplicant function of the EAP-PWD protocol in wireless communication devices certified by WPA allows a hacker to gain unauthorized access to information.

The vulnerability of the wpasupplicant function in the EAP-PWD protocol for wireless communication devices certified by WPA is related to the lack of integrity checking for messages. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...

6.5CVSS6.4AI score0.01476EPSS
Exploits0References7Affected Software3
Rows per page
Query Builder