9 matches found
CVE-2021-27257
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files v...
EUVD-2021-25030
Malware in sbrugna...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2020-25078link is external D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability CVE-2020-25079link is external D-Link DCS-2530L and DCS-2670L...
CVE-2021-38588
In cPanel before 96.0.13, fixcpanelperl lacks verification of the integrity of downloads SEC-587...
CVE-2021-40055
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity...
CVE-2021-38588
In cPanel before 96.0.13, fixcpanelperl lacks verification of the integrity of downloads SEC-587...
cPanel 安全漏洞
Cpanel is a set of Web-based automated colocation platform from Cpanel, Inc. in the United States. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in cPanel that stems from a lack of validation of the integrity of downloads in...
curl: CVE-2021-22922: Wrong content via metalink not discarded
Summary: When compiled --with-libmetalink and used with --metalink curl does check the cryptographics hash of the downloaded files. However, the only indication that the hash was incorrect is a message displayed to the user. The files with incorrect hashes are left to the disk as-is. Since curl...
PT-2020-4106 · Apache · Apache Netbeans
Name of the Vulnerable Software and Affected Versions: Apache NetBeans versions up to and including 11.2 Description: The issue is related to the Apache NetBeans autoupdate system, which does not validate SSL certificates and hostnames for https-based downloads. This allows an attacker to interce...