Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-28002

Malicious code in bioql PyPI...

7.6CVSS7.6AI score0.00674EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/03/04 10:15 p.m.4 views

CVE-2021-40846

An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...

7.6CVSS7.1AI score0.00674EPSS
Exploits1References3
NVD
NVD
added 2022/03/04 10:15 p.m.23 views

CVE-2021-40846

An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...

7.6CVSS0.00674EPSS
Exploits1References2
OSV
OSV
added 2022/03/04 10:15 p.m.4 views

CVE-2021-40846

An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...

7.5CVSS5.8AI score0.00674EPSS
Exploits1References2
Prion
Prion
added 2022/03/04 10:15 p.m.23 views

Design/Logic Flaw

An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...

7.6CVSS7.4AI score0.00674EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/03/04 9:33 p.m.83 views

CVE-2021-40846

CVE-2021-40846 affects Rhinode Trading Paints up to version 2.0.36, where TP Updater.exe checks for and requests updates over cleartext HTTP. This enables a man-in-the-middle to substitute a malicious binary for the legitimate update without SSL warnings. The connected sources corroborate the sam...

7.6CVSS7.3AI score0.00674EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/03/04 9:33 p.m.20 views

CVE-2021-40846

An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...

7.6AI score0.00674EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/03/04 12:0 a.m.7 views

Rhinode Trading Paints 安全漏洞

Rhinode Trading Paints is used by Rhinode USA to add customized car paint to iRacing. A security vulnerability exists in Rhinode Trading Paints versions prior to 2.0.36, which stems from the fact that TP Updater.exe uses plaintext HTTP to check for and request updates. As a result, an attacker...

7.6CVSS7.3AI score0.00674EPSS
Exploits1References4
Rows per page
Query Builder