Total
148 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45821 | 1 Artifacthub | 1 Hub | 2024-11-21 | N/A | 5.4 MEDIUM |
| Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which the `registryIsDockerHub` function was only checking that the registry domain had the `docker.io` suffix. Artifact Hub allows providing some Docker credentials that are used to increase the rate limit applied when interacting with the Docker Hub registry API to read publicly available content. Due to the incorrect check described above, it'd be possible to hijack those credentials by purchasing a domain which ends with `docker.io` and deploying a fake OCI registry on it. <https://artifacthub.io/> uses some credentials that only have permissions to read public content available in the Docker Hub. However, even though credentials for private repositories (disabled on `artifacthub.io`) are handled in a different way, other Artifact Hub deployments could have been using them for a different purpose. This issue has been resolved in version `1.16.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-45799 | 1 Mlsoft | 1 Tco\!stream | 2024-11-21 | N/A | 7.2 HIGH |
| In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient permission validation. This allows an attacker to make the victim download and execute arbitrary files. | |||||
| CVE-2023-43608 | 1 Buildroot | 1 Buildroot | 2024-11-21 | N/A | 8.1 HIGH |
| A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder. | |||||
| CVE-2023-41921 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| A vulnerability allows attackers to download source code or an executable from a remote location and execute the code without sufficiently verifying the origin and integrity of the code. This vulnerability can allow attackers to modify the firmware before uploading it to the system, thus achieving the modification of the target’s integrity to achieve an insecure state. | |||||
| CVE-2023-40254 | 1 Genians | 2 Genian Nac, Genian Ztna | 2024-11-21 | N/A | 7.5 HIGH |
| Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | |||||
| CVE-2023-37864 | 1 Phoenixcontact | 12 Wp 6070-wvps, Wp 6070-wvps Firmware, Wp 6101-wxps and 9 more | 2024-11-21 | N/A | 7.2 HIGH |
| In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device. | |||||
| CVE-2023-37220 | 1 Synel | 42 Bioentry-w2, Bioentry-w2 Firmware, Bioentry P2 and 39 more | 2024-11-21 | N/A | 7.2 HIGH |
| Synel Terminals - CWE-494: Download of Code Without Integrity Check | |||||
| CVE-2023-22635 | 1 Fortinet | 1 Forticlient | 2024-11-21 | N/A | 7.3 HIGH |
| A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade. | |||||
| CVE-2022-4261 | 1 Rapid7 | 2 Insightvm, Nexpose | 2024-11-21 | N/A | 4.4 MEDIUM |
| Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. This failure could allow an attacker to provide a malicious update and alter the functionality of Rapid7 Nexpose. The attacker would need some pre-existing mechanism to provide a malicious update, either through a social engineering effort, privileged access to replace downloaded updates in transit, or by performing an Attacker-in-the-Middle attack on the update service itself. | |||||
| CVE-2022-45442 | 2 Debian, Sinatrarb | 2 Debian Linux, Sinatra | 2024-11-21 | N/A | 8.8 HIGH |
| Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. Version 2.2.3 and 3.0.4 contain patches for this issue. | |||||
| CVE-2022-38199 | 1 Esri | 1 Arcgis Server | 2024-11-21 | N/A | 6.1 MEDIUM |
| A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services that may in some edge cases allow a remote, unauthenticated attacker to induce an unsuspecting victim to launch a process in the victim's PATH environment. Current browsers provide users with warnings against running unsigned executables downloaded from the internet. | |||||
| CVE-2022-36671 | 1 Xxyopen | 1 Novel-plus | 2024-11-21 | N/A | 7.5 HIGH |
| Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API. | |||||
| CVE-2022-36359 | 2 Debian, Djangoproject | 2 Debian Linux, Django | 2024-11-21 | N/A | 8.8 HIGH |
| An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input. | |||||
| CVE-2022-31324 | 1 Pentasecurity | 1 Wapples | 2024-11-21 | N/A | 6.5 MEDIUM |
| An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request. | |||||
| CVE-2022-28944 | 2 Emcosoftware, Microsoft | 9 Msi Package Builder, Network Inventory, Network Software Scanner and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process. | |||||
| CVE-2022-27438 | 29 3cx, Boom, Caphyon and 26 more | 99 Call Flow Designer, Crm Template Generator, Boomtv Streamer Portal and 96 more | 2024-11-21 | 5.1 MEDIUM | 8.1 HIGH |
| Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check. | |||||
| CVE-2022-24644 | 1 Zzinc | 2 Keymouse, Keymouse Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse. | |||||
| CVE-2022-24140 | 1 Iobit | 5 Advanced System Care, Driver Booster, Itop Screen Recorder and 2 more | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
| IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file and will try to install the update automatically with ADMIN privileges. An attacker Intercepting this communication can supply the product a fake config file with malicious locations for the updates thus gaining a remote code execution on an endpoint. | |||||
| CVE-2022-22786 | 1 Zoom | 2 Meetings, Rooms | 2024-11-21 | 6.8 MEDIUM | 7.5 HIGH |
| The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version. | |||||
| CVE-2021-45027 | 1 Softlinkint | 1 Oliver V5 Library | 2024-11-21 | N/A | 7.5 HIGH |
| An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input. | |||||