20 matches found
CVE-2025-67460
Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access...
CVE-2025-67460
CVE-2025-67460 affects Zoom Rooms for Windows prior to 6.6.0. The issue is a Protection Mechanism Failure of Software Downgrade, allowing an unauthenticated user with local access to escalate privileges. The vulnerability is scoped to the Windows version; CVSS v3.1 base score is 7.8 (HIGH) with ...
EUVD-2024-47297
Malicious code in bioql PyPI...
EUVD-2025-23677
Malicious code in bioql PyPI...
Unspecified Vulnerability in Kenwood DMX958XR
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. A security vulnerability exists in the Kenwood DMX958XR, which can be exploited by attackers to cause a software downgrade...
CVE-2025-8656
Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2025-8656
Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2025-8656 Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability
Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2025-8656 Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability
Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2025-8656
Kenwood DMX958XR is affected by a vulnerability in the libSystemLib library where update-version validation is missing. This allows physically present attackers to downgrade software without authentication. The issue can enable arbitrary code execution in the context of root when combined with ot...
Kenwood DMX958XR Security Vulnerability
The Kenwood DMX958XR is an in-car infotainment system from Kenwood. A security vulnerability exists in the Kenwood DMX958XR, which can be exploited by attackers to cause a software downgrade...
PT-2025-32065 · Kenwood · Kenwood DMX958XR
Name of the Vulnerable Software and Affected Versions: Kenwood DMX958XR (affected versions not specified). Description: A flaw exists within the libSystemLib library that allows physically present attackers to downgrade the software on affected Kenwood DMX958XR devices without authentication. This i...
(0Day) (Pwn2Own) Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability
This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the libSystemLib library. The issue results from the lack of proper...
(Pwn2Own) Synology BC500 Protection Mechanism Failure Software Downgrade Vulnerability
This vulnerability allows network-adjacent attackers to downgrade Synology software on affected installations of Synology BC500 cameras. Authentication is required to exploit this vulnerability. The specific flaw exists within the update functionality. The issue results from the lack of proper...
CVE-2024-6153 Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2024-6153
CVE-2024-6153 affects Parallels Desktop Updater. The flaw is in the Updater service where version information is not properly validated before performing updates. This enables local attackers who can run low-privilege code to cause a downgrade and, potentially in conjunction with other vulnerabil...
CVE-2024-6153 Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target...
PT-2023-2222 · Cisco · Cisco IOS XE
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches versions prior to 16.11.1. Description: A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker...
Cisco AnyConnect Secure Mobility Client VPN Downgrade
The remote host has a version of Cisco AnyConnect 2.5 MR6 / 3.0 MR8. Such versions are potentially affected by a software downgrade vulnerability. The WebLaunch VPN downloader implementation does not compare timestamps of offered software to install with currently installed software, which may...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client. Advisory ID: cisco-sa-20120620-ac. Revision 1.0. For Public Release 2012 June 20 16:00 UTC GMT. Summary: T...