EUVD-2025-25614

Malicious code in bioql PyPI...

CVE-2025-55581

D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the dcp and signalc binaries without validating their integrity, origin, or permissions. An attacker with filesystem access...

FreeFrom Security Vulnerabilities

FreeFrom is an application from FreeFrom, Inc. dedicated to bringing privacy and free speech back to SNSs. A security vulnerability exists in FreeFrom the nostr client prior to version 1.3.5 that stems from the application having a dependency on obfuscating or encrypting security-related input...

The vulnerability of the microprogrammed Ethernet receiver software from the Trio Q, Trio E, and Trio J series lies in the fact that code can be loaded without any checks for its integrity. This allows a hacker to inject additional code into the device’s firmware.

The vulnerability of the microprogrammed Ethernet receiver software from the Trio Q, Trio E, and Trio J series is related to the loading of code without checking its integrity. Exploiting this vulnerability allows a remote attacker to inject additional code into the device’s firmware...

CVE-2023-46144

A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices...

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to disclose protected information or create, delete, or alter access to data.

The vulnerability of the JSE component of Oracle Java SE software and the Oracle GraalVM Enterprise Edition virtual machine is related to the lack of integrity checks for messages. Exploiting this vulnerability can allow an attacker to disclose protected information or create, delete, or alter...

CVE-2021-26608

An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash...

CVE-2020-15528

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks...

SuperBeam Injection Vulnerability

SuperBeam is an application that utilizes WiFi networks for file transfer between cell phones. The program uses QR codes or NFC for pairing and can share multiple file formats. A security vulnerability exists in SuperBeam 4.1.3 and earlier versions, which stems from the program's failure to use...

Infotecs ViPNet Client and Coordinator Privilege Access Control Vulnerability

Infotecs ViPNet Client and Coordinator are both products of Infotecs, a German company. Infotecs ViPNet Client is the client side of a software-based VPN solution; Coordinator is the server side. A security vulnerability exists in Infotecs ViPNet Client and Coordinator that stems from incorrect...

CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...