Lucene search
K

28 matches found

CNNVD
CNNVD
added 2023/02/01 12:0 a.m.4 views

多款Dell产品 数据伪造问题漏洞

Dell Command Update and Dell Update and Alienware Update are both products of Dell, Inc.Dell Command Update is a tool used to automatically update drivers, BIOS, and firmware in Dell products.Dell Update and Alienware Update is an update application. A security vulnerability exists in Dell...

7.8CVSS7.4AI score0.0015EPSS
Exploits0References2
OSV
OSV
added 2022/07/14 1:15 p.m.4 views

CVE-2022-28370

On Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 devices, the RPC endpoint crtcfwupgrade provides a means of provisioning a firmware update for the device. /lib/functions/wncjsonsh/wnccrtcfw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed...

7.5CVSS7.1AI score0.00351EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/07/14 1:15 p.m.3 views

CVE-2022-28370

On Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 devices, the RPC endpoint crtcfwupgrade provides a means of provisioning a firmware update for the device. /lib/functions/wncjsonsh/wnccrtcfw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed...

7.5CVSS5.9AI score0.00351EPSS
Exploits1References3
Prion
Prion
added 2022/07/14 1:15 p.m.14 views

Input validation

On Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 devices, the RPC endpoint crtcfwupgrade provides a means of provisioning a firmware update for the device. /lib/functions/wncjsonsh/wnccrtcfw.sh has no cryptographic validation of the image, thus allowing an attacker to modify the installed...

5CVSS7.5AI score0.00351EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/07/14 12:0 a.m.5 views

Verizon 5G Home LVSKIHP 数据伪造问题漏洞

The Verizon 5G Home LVSKIHP is an all-in-one integrated modem and router from Verizon Communications, Inc. It provides access to Verizon Wireless 5G wireless home Internet services. A data forgery issue vulnerability exists in the Verizon 5G Home LVSKIHP OutDoorUnit ODU version 3.33.101.0 device,...

7.5CVSS7.3AI score0.00351EPSS
Exploits1References3
OSV
OSV
added 2020/06/18 3:15 a.m.3 views

CVE-2020-3342

A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of cryptographic protections on files that are downloaded by...

8.8CVSS7.6AI score0.03797EPSS
Exploits0References1
OSV
OSV
added 2018/07/09 7:29 p.m.4 views

CVE-2017-3198

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected...

9.8CVSS5.9AI score0.01597EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2017/03/31 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-3198

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected...

10CVSS7.4AI score0.01597EPSS
Exploits1References1
Rows per page
Query Builder