Lucene search
K

35 matches found

cnnvd
cnnvd
added 2025/05/23 12:0 a.m.6 views

Siemens SiPass integrated AC5102和Siemens SiPass integrated ACC-AP 数据伪造问题漏洞

The Siemens SiPass integrated AC5102 and Siemens SiPass integrated ACC-AP are both products of Siemens AG, Germany.The Siemens SiPass integrated AC5102 is an advanced centralized controller.The Siemens SiPass integrated ACC-AP is an access control controller. The Siemens SiPass integrated ACC-AP ...

6.2CVSS6.4AI score0.00145EPSS
Exploits0References4
susecve
susecve
added 2025/02/20 2:31 p.m.3 views

SUSE CVE-2025-0509

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle's EdDSA signing checks...

7.3CVSS8.8AI score0.00886EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/10/25 12:0 a.m.6 views

ABB多款产品 数据伪造问题漏洞

ABB Relion Protection Relays and others are products of ABB Switzerland.ABB Relion Protection Relays are a compact, multifunctional solution for utility and industrial power distribution systems.ABB REX610 is a flexibly configurable all-in-one protection relay.ABB REX615 is ABB REX615 is a flexib...

5.9CVSS6.8AI score0.00144EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/09/26 12:0 a.m.3 views

PT-2024-6538 · Foxit · Foxit Pdf Reader +1

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 2024.3 Foxit PDF Editor versions prior to 2024.3 and 13.x prior to 13.1.4 Description: The issue is related to errors in access control, allowing an attacker to replace an update file with a Trojan horse via...

8.4CVSS7.8AI score0.00164EPSS
Exploits0References8
vulncheck_kev
vulncheck_kev
added 2024/04/23 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-13990

MicroWorld eScan AV's update mechanism failed to ensure authenticity and integrity of updates: update packages were delivered and accepted without robust cryptographic verification. As a result, an on-path attacker could perform a man-in-the-middle MitM attack and substitute malicious update...

9.3CVSS5.8AI score0.00575EPSS
Exploits0References1
attackerkb
attackerkb
added 2023/12/12 1:15 a.m.3 views

CVE-2023-36650

A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers to execute OS commands as the root Linux user on the host system via forged update packages...

7.2CVSS7.2AI score0.00392EPSS
Exploits1References2
osv
osv
added 2022/06/14 10:15 a.m.4 views

CVE-2022-32252

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.1. The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, granting root privileges to an attacker...

7.8CVSS5.7AI score0.00326EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2022/06/14 12:0 a.m.6 views

PT-2022-21178 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.1 Description: A vulnerability has been identified where the application does not perform integrity checks of update packages. This could allow an admin user to be tricked into installing a...

9.3CVSS6.9AI score0.00326EPSS
Exploits0References3
redos
redos
added 2021/09/08 12:0 a.m.15 views

ROS-2-829

2.829 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.82367EPSS
Exploits0
osv
osv
added 2021/06/17 10:6 p.m.7 views

OPENSUSE-SU-2021:0894-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. - Don't u...

8.8CVSS7.5AI score0.0199EPSS
Exploits0References6
osv
osv
added 2019/07/23 3:15 p.m.1 views

CVE-2019-12162

Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the downloaded program update before running it, which could lead to code execution or local privilege escalation by replacing the original update.exe...

7.8CVSS6.2AI score
Exploits0References2
osv
osv
added 2019/07/10 8:15 p.m.2 views

CVE-2019-12804

In Hunesion i-oneNet version 3.0.7 3.0.53 and 4.0.4 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft malicious file and use it as an update...

5.5CVSS6.7AI score0.00398EPSS
Exploits0References1
nvd
nvd
added 2019/07/10 8:15 p.m.17 views

CVE-2019-12804

In Hunesion i-oneNet version 3.0.7 3.0.53 and 4.0.4 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft malicious file and use it as an update...

7.8CVSS6.1AI score0.00398EPSS
Exploits0References1
nvd
nvd
added 2014/09/05 5:55 p.m.21 views

CVE-2014-2378

Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code via a Trojan horse update...

7.6CVSS7.7AI score0.00897EPSS
Exploits0References4
cve
cve
added 2014/09/05 5:0 p.m.47 views

CVE-2014-2378

The CVE-2014-2378 vulnerability affects Sensys Networks VSN240-F and VSN240-T traffic sensors (VDS before 2.10.1 and TrafficDOT before 2.10.3). The root cause is failure to verify the integrity of downloaded updates, allowing a Trojan horse update to execute arbitrary code on the device after del...

7.6CVSS7.9AI score0.00897EPSS
Exploits0References4Affected Software3
Rows per page
Query Builder