25 matches found
EUVD-2017-16903
Malware in sbrugna...
BIT-KYVERNO-2022-47633
An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations a...
CVE-2025-34071 GFI Kerio Control Unsigned System Image Upload Root Code Execution
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts with...
CVE-2025-34071
CVE-2025-34071 affects GFI Kerio Control 9.4.5 where the firmware upgrade feature can be abused to achieve remote code execution. The root cause is an upgrade mechanism that accepts unsigned .img files and does not validate authenticity or integrity, allowing modified upgrades (including scripts ...
PT-2020-4183 · Cisco · Cisco IOS XE ROM Monitor (ROMMON)
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers...
CVE-2019-1810
A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The...
CVE-2019-1813
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
CVE-2019-1811
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
CVE-2019-1812
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
Design/Logic Flaw
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
CVE-2019-1811 Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not...
Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities
Multiple vulnerabilities in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerabilities exist because software digital signatures...
PT-2019-2213 · Cisco · Cisco NX-OS +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software (affected versions not specified). Description: A vulnerability in the Image Signature Verification feature could allow an authenticated, local attacker with administrator-level credentials to install a malicious software...
PT-2019-2212 · Cisco · Cisco NX-OS +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software (affected versions not specified). Description: The issue is related to incorrect verification of cryptographic signatures in the Image Signature Verification feature of Cisco NX-OS Software. This could allow an authenticate...
PT-2019-2215 · Cisco · Cisco Nexus 3000 Series +3
Name of the Vulnerable Software and Affected Versions: Cisco Nexus 3000 Series and 9000 Series Switches (affected versions not specified). Description: A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command could allow an authenticated, local attacker with...
CVE-2019-1615
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signature...
Local Security Bypass Vulnerability in IOS ROM Monitor Software for Multiple Cisco Products
Cisco Catalyst 6800 Series Supervisor Engine 6T and others are switch products from Cisco USA. The IOS ROM Monitor ROMMON Software is one of the set of ROM monitoring software for IOS devices. A privilege license and access control vulnerability exists in IOS ROMMON Software in multiple Cisco...
Foscam C1 Indoor HD Camera Firmware Recovery Unsigned Image Vulnerability
Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A security vulnerability exists in the recovery process used in the Foscam C1 Indoor HD Camera, which stems from the program's failure to perform adequate security checks. The vulnerability can be exploited by an attacker to...
Vulnerability Spotlight: Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability
This vulnerability was discovered by Claudio Bozzato of Cisco Talos. Executive Summary: The Foscam C1 Indoor HD Camera is a network-based camera that is marketed for a variety of uses, including as a home security monitoring device. Talos recently identified 32 vulnerabilities present in these...
Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability
Summary: Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. An attacker who is in the same subnetwork as the camera or has remote administrator access can fully compromise the device by performing a firmware...