Lucene search
K

87 matches found

NVD
NVD
added 2021/04/21 11:15 p.m.27 views

CVE-2021-1074

NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires...

7.3CVSS0.00498EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/21 10:30 p.m.37 views

CVE-2021-1074

NVIDIA GPU Display Driver for Windows installer contains a vulnerability where an attacker with local unprivileged system access may be able to replace an application resource with malicious files. This attack requires a user with system administration rights to execute the installer and requires...

7.3CVSS7.8AI score0.00498EPSS
Exploits0References1
OSV
OSV
added 2020/12/14 3:15 a.m.4 views

CVE-2020-5637

Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program...

6.8CVSS7AI score0.00372EPSS
Exploits0References3
CNVD
CNVD
added 2020/08/28 12:0 a.m.6 views

Trend Micro Vulnerability Protection and Deep Security Manager Integrity Validation Bypass Vulnerability

Trend Micro Vulnerability Protection is an endpoint vulnerability protection product that provides one step faster and stronger endpoint protection.Trend Micro Deep Security provides advanced server security for physical, virtual, and cloud servers.Deep Security Manager is a centralized Deep...

7.2CVSS7.2AI score0.04235EPSS
Exploits0References1
NVD
NVD
added 2020/06/11 5:15 p.m.18 views

CVE-2020-11614

Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...

8.1CVSS0.00392EPSS
Exploits1References2
Prion
Prion
added 2020/06/11 5:15 p.m.15 views

Input validation

Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...

6.8CVSS8AI score0.00392EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/06/11 4:49 p.m.40 views

CVE-2020-11614

The CVE-2020-11614 entry concerns Mids’ Reborn Hero Designer 2.6.0.7. The vulnerability arises because the application downloads the update manifest and update files over cleartext HTTP and does not perform file integrity validation after download. This enables a man-in-the-middle attacker to rep...

8.1CVSS8AI score0.00392EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2020/04/10 2:15 p.m.4 views

CVE-2020-1802

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...

4.6CVSS5.8AI score0.00151EPSS
Exploits0References1
NVD
NVD
added 2020/04/10 2:15 p.m.28 views

CVE-2020-1802

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...

4.6CVSS4.6AI score0.00151EPSS
Exploits0References1
Prion
Prion
added 2020/04/10 2:15 p.m.21 views

Input validation

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...

2.1CVSS4.6AI score0.00151EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2020/04/10 1:59 p.m.29 views

CVE-2020-1802

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product...

4.7AI score0.00151EPSS
Exploits0References1
CVE
CVE
added 2020/04/10 1:59 p.m.115 views

CVE-2020-1802

CVE-2020-1802 pertains to Huawei OSCA-550 family devices with an insufficient integrity validation vulnerability during loading via USB. Affected versions include OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X v1.0.1.23(SP2). The root cause is inadequate integrity checks on certain files during t...

4.6CVSS4.6AI score0.00151EPSS
Exploits0References1Affected Software1
Huawei
Huawei
added 2020/04/08 12:0 a.m.43 views

Security Advisory - Insufficient Integrity Validation Vulnerability in Several Products

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB. Vulnerability ID:...

4.6CVSS4.6AI score0.00151EPSS
Exploits0Affected Software4
Cvelist
Cvelist
added 2020/03/15 5:8 p.m.34 views

CVE-2019-15608

The package integrity validation in yarn 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache. It's not computed again when reading from the cache. This may lead to a cache pollution attack...

5.7AI score0.01783EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2019/11/04 12:0 a.m.206 views

Microsoft Office365 Integrity Validation / Remote Code Execution

Exploit Title: Microsoft Office365 Remote Code Execution Vulnerability Date: 2/11/19 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: https://office.com Version: Office365/ProPlus build 16.0.11727.20222, 16.0.11901.20170,...

0.2AI score
Exploits0
NVD
NVD
added 2018/01/30 8:29 p.m.16 views

CVE-2018-5441

An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing ...

7.8CVSS7.7AI score0.00283EPSS
Exploits0References3
CNVD
CNVD
added 2017/12/21 12:0 a.m.3 views

Siemens LOGO! Soft Comfort Man-in-the-Middle Attack Vulnerability

LOGO! Soft Comfort is a Siemens LOGO! programming software that supports the addition of text display modules. A man-in-the-middle attack vulnerability exists in Siemens LOGO! Soft Comfort due to a lack of integrity validation of downloaded packages in Soft Comfort, the update center for LOGO!,...

5.9CVSS6.8AI score0.00569EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/10/26 9:48 a.m.31 views

CVE-2017-12618

Apache Portable Runtime Utility APR-util 1.6.0 and prior fail to validate the integrity of SDBM database files used by aprsdbm functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and...

5.5CVSS2.8AI score0.00596EPSS
Exploits3References2
NVD
NVD
added 2017/10/24 1:29 a.m.26 views

CVE-2017-12618

Apache Portable Runtime Utility APR-util 1.6.0 and prior fail to validate the integrity of SDBM database files used by aprsdbm functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and...

4.7CVSS5.8AI score0.00596EPSS
Exploits3References4
OSV
OSV
added 2017/10/24 1:29 a.m.7 views

CVE-2017-12618

Apache Portable Runtime Utility APR-util 1.6.0 and prior fail to validate the integrity of SDBM database files used by aprsdbm functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and...

4.7CVSS4.5AI score
Exploits0References4
Rows per page
Query Builder