16 matches found
EUVD-2019-15736
Malware in sbrugna...
EUVD-2010-3291
Malware in sbrugna...
PT-2025-30921 · Iroad · Iroad Dash Cam Fx2
Name of the Vulnerable Software and Affected Versions: IROAD Dashcam FX2 affected versions not specified Description: The IROAD Dashcam FX2 lacks authentication controls on its HTTP and RTSP interfaces, potentially allowing attackers to retrieve sensitive files and video recordings, and view live...
CVE-2010-3292
The updatebad,phishingsites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption e.g., https or digital signature checking which could allow an attacker to replace certain configuration files e.g., phishing whitelist via dns/packet spoofing...
PT-2020-7588 · Docker · Docker
Name of the Vulnerable Software and Affected Versions: Docker versions prior to 1.6.0 Description: An issue was found where some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways. This poses a risk due to the lack of encryption and authentication in...
CVE-2010-3292
The updatebad,phishingsites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption e.g., https or digital signature checking which could allow an attacker to replace certain configuration files e.g., phishing whitelist via dns/packet spoofing...
CVE-2019-6169
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted downloads over FTP...
CVE-2019-6169
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted downloads over FTP...
Design/Logic Flaw
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted downloads over FTP...
CVE-2019-6169
A vulnerability reported in Lenovo Service Bridge before version 4.1.0.1 could allow unencrypted downloads over FTP...
PT-2019-18000 · Lenovo · Lenovo Service Bridge
Name of the Vulnerable Software and Affected Versions: Lenovo Service Bridge versions prior to 4.1.0.1 Description: A vulnerability in Lenovo Service Bridge could allow unencrypted downloads over FTP. Recommendations: For versions prior to 4.1.0.1, update to version 4.1.0.1 or later to resolve th...
Lenovo Service Bridge Vulnerabilities - Lenovo Support US
No description provided...
GHSA-4X5J-V9V9-W8GW Downloads Resources over HTTP in httpsync
Affected versions of httpsync insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
GHSA-432J-4FW9-2G6F libsbml downloads Resources over HTTP
Affected versions of libsbml insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
qbs remote code execution vulnerability
qbs is a set of automated build tools that manage the process of building software projects across multiple platforms. A security vulnerability exists in qbs that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...
npm-test-sqlite3-trunk code execution vulnerability
npm-test-sqlite3-trunk is a module for providing asynchronous non-blocking SQLite3 bindings. A security vulnerability exists in npm-test-sqlite3-trunk, which originates when a program downloads a binary file over an unencrypted HTTP connection. A remote attacker can exploit this vulnerability by...