14 matches found
EUVD-2025-6435
Malicious code in bioql PyPI...
EUVD-2022-4526
Malicious code in bioql PyPI...
CVE-2025-27593
The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems...
CVE-2025-27593
The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems...
CVE-2025-27593
CVE-2025-27593 affects SICK DL100-2xxxxxxx sensors. The issue arises from missing download verification checks in SICK’s distribution flow (SDD Device Drivers), which could allow a malicious payload to be delivered and execute code on target systems. The NVD entry assigns a CVSS 3.1 base score of...
CVE-2025-27593 RCE due to Device Driver
The product can be used to distribute malicious code using SDD Device Drivers due to missing download verification checks, leading to code execution on target systems...
Server side request forgery (ssrf)
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Server-Side Request Forgery vulnerability. During the download verification process of a JDBC driver the corresponding JDBC driver download address will be downloaded first, but this address wi...
The vulnerability of Google Chrome browser downloads, related to a lack of mechanism for verifying the source, allows attackers to circumvent existing security restrictions by using a specially created HTML page.
The vulnerability of Google Chrome browsers relates to a lack of mechanisms for verifying the source of the download. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions by using a specially created HTML page...
CVE-2020-2320
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads...
PT-2020-15554 · Jenkins · Jenkins Plugin Installation Manager Tool +1
Name of the Vulnerable Software and Affected Versions: Jenkins Plugin Installation Manager Tool versions 2.1.3 and earlier Description: The issue is related to the Jenkins Plugin Installation Manager Tool not verifying plugin downloads, which may allow third parties to provide crafted plugin...
CVE-2019-5982
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed...
CVE-2019-5982
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed...
Input validation
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed...
LINE for Windows fails to properly verify downloaded files
Overview The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified. LINE Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and LINE Corporation...