EUVD-2021-7613

Malicious code in bioql PyPI...

Bitdefender GravityZone Update Server 代码问题漏洞

Bitdefender GravityZone Update Server is a solution for managing and distributing update files on the Bitdefender GravityZone administrator console from Bitdefender Romania. A code issue vulnerability exists in Bitdefender GravityZone Update Server versions prior to 3.5.2.689, which is rooted in...

CVE-2022-3913 Rapid7 Nexpose Certificate Validation Issue

Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. This failure could allow an attacker in a privileged position on the network to provide their own HTTPS endpoint, or intercept communications to the...

PT-2019-12931 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.7 Description: An issue was discovered where the update server URL of com joomlaupdate can be manipulated by non Super-Admin users. Recommendations: For versions prior to 3.9.7, update to version 3.9.7 or later t...

Code injection

Mobile Devices aka MDI C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, do not validate firmware updates, which allows remote attackers to execute arbitrary code by specifying an update server...