5 matches found
EUVD-2025-34826
The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies, and integrations. This creates a risk where an on-path attacker could perform a man-in-the-middle attack and substitute malicious files for legitimate ones by...
CVE-2025-11493
The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies, and integrations. This creates a risk where an on-path attacker could perform a man-in-the-middle attack and substitute malicious files for legitimate ones by...
CVE-2025-11493
The CVE-2025-11493 entry concerns the ConnectWise Automate Agent. The connected sources describe that the agent does not fully verify the authenticity of files downloaded from the server (updates, dependencies, and integrations), creating a risk of a man-in-the-middle substitution of legitimate f...
CVE-2020-23906
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service DoS via a crafted audio file due to insufficient verification of data authenticity...
Full Disclosure: Windows File Protection Old Security Catalog Vulnerability
============================================================================ == SECURITY ALERT Windows File Protection Old Security Catalog Vulnerability December 26, 2002 Full Disclosure, [email protected] and others August 26, 2002 Private Disclosure, Microsoft Press and others Jason Coombs...