26 matches found
CVE-2026-25775 SenseLive X3050 Missing authentication for critical function
A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded...
Improper Validation of Integrity Check Value
Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value inadequate validation of the combined fingerprint during image downloads from simplestreams servers. An attacker can cause users to deploy malicious images by providing manipulated image file...
Improper Validation of Integrity Check Value
Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value inadequate validation of the combined fingerprint during image downloads from simplestreams servers. An attacker can cause users to deploy malicious images by providing manipulated image file...
EUVD-2025-31029
Malicious code in bioql PyPI...
CVE-2025-20313
Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due path...
CVE-2025-20313
Cisco IOS XE Software contains multiple vulnerabilities that allow an authenticated local attacker with level-15 privileges or an unauthenticated attacker with physical access to execute persistent code at boot time and break the chain of trust. The issues stem from path traversal and improper im...
CVE-2025-20313
Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due path...
Cisco IOS XE 安全漏洞
Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE that stems from improper path traversa...
PT-2025-39301
Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description The software contains flaws that could allow an authenticated local attacker with level-15 privileges, or an unauthenticated attacker with physical access to the device, to...
openstack-ironic: Lack of checksum validation on images
A flaw was found in OpenStack Ironic. The lack of checksum verification allows an attacker with access to the images to modify an image without the change noticed by OpenStack. This issue leads to integrity issues in the image...
openstack-ironic: Lack of checksum validation on images
A flaw was found in OpenStack Ironic. The lack of checksum verification allows an attacker with access to the images to modify an image without the change noticed by OpenStack. This issue leads to integrity issues in the image...
CVE-2024-47211
A flaw was found in OpenStack Ironic. The lack of checksum verification allows an attacker with access to the images to modify an image without the change noticed by OpenStack. This issue leads to integrity issues in the image. Mitigation Mitigation for this issue is either not available or the...
CVE-2024-32883 MCUboot Injection attack of unprotected TLV values
MCUboot is a secure bootloader for 32-bits microcontrollers. MCUboot uses a TLV tag-length-value structure to represent the meta data associated with an image. The TLVs themselves are divided into two sections, a protected and an unprotected section. The protected TLV entries are included as part...
Design/Logic Flaw
A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images...
SUSE CVE-2020-13845
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptors in the SIF file, rather than to a cryptographically...
[SECURITY] Fedora 34 Update: pngcheck-3.0.3-1.fc34
pngcheck verifies the integrity of PNG, JNG and MNG files by checking the internal 32-bit CRCs checksums and decompressing the image data; it can optionally dump almost all of the chunk-level information in the image in human-readable form. For example, it can be used to print the basic statist i...
pngcheck pr***_bu*** function has a buffer out-of-bounds read vulnerability
pngcheck is used to verify the integrity of PNG, JNG and MNG files by checking the internal 32-bit CRC, aka checksum and decompressing the image data, and it has the option to dump almost all block-level information in the image in a human-readable form. A buffer out-of-bounds read vulnerability...
CVE-2020-13845
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptors in the SIF file, rather than to a cryptographically...
UBUNTU-CVE-2020-13845
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptors in the SIF file, rather than to a cryptographically...
CVE-2020-13845
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the signature object descriptors in the SIF file, rather than to a cryptographically...