87 matches found
CVE-2021-1074
NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires...
CVE-2021-1074
NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires...
CVE-2020-5637
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...
Trend Micro Vulnerability Protection and Deep Security Manager Integrity Validation Bypass Vulnerability
Trend Micro Vulnerability Protection is an endpoint vulnerability protection product that provides one step faster and stronger endpoint protection.Trend Micro Deep Security provides advanced server security for physical, virtual, and cloud servers.Deep Security Manager is a centralized Deep...
CVE-2020-11614
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
Input validation
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
CVE-2020-11614
The CVE-2020-11614 entry concerns Mids’ Reborn Hero Designer 2.6.0.7. The vulnerability arises because the application downloads the update manifest and update files over cleartext HTTP and does not perform file integrity validation after download. This enables a man-in-the-middle attacker to rep...
CVE-2020-1802
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
CVE-2020-1802
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
Input validation
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
CVE-2020-1802
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...
CVE-2020-1802
CVE-2020-1802 pertains to Huawei OSCA-550 family devices with an insufficient integrity validation vulnerability during loading via USB. Affected versions include OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X v1.0.1.23(SP2). The root cause is inadequate integrity checks on certain files during t...
Security Advisory - Insufficient Integrity Validation Vulnerability in Several Products
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB. Vulnerability ID:...
CVE-2019-15608
The package integrity validation in yarn 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache. It's not computed again when reading from the cache. This may lead to a cache pollution attack...
Microsoft Office365 Integrity Validation / Remote Code Execution
Exploit Title: Microsoft Office365 Remote Code Execution Vulnerability Date: 2/11/19 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: https://office.com Version: Office365/ProPlus build 16.0.11727.20222, 16.0.11901.20170,...
CVE-2018-5441
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing ...
Siemens LOGO! Soft Comfort Man-in-the-Middle Attack Vulnerability
LOGO! Soft Comfort is a Siemens LOGO! programming software that supports the addition of text display modules. A man-in-the-middle attack vulnerability exists in Siemens LOGO! Soft Comfort due to a lack of integrity validation of downloaded packages in Soft Comfort, the update center for LOGO!,...
CVE-2017-12618
Apache Portable Runtime Utility APR-util 1.6.0 and prior fail to validate the integrity of SDBM database files used by aprsdbm functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and...
CVE-2017-12618
Apache Portable Runtime Utility APR-util 1.6.0 and prior fail to validate the integrity of SDBM database files used by aprsdbm functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and...
CVE-2017-12618
Apache Portable Runtime Utility APR-util 1.6.0 and prior fail to validate the integrity of SDBM database files used by aprsdbm functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and...