Total
111 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43608 | 1 Buildroot | 1 Buildroot | 2024-11-21 | N/A | 8.1 HIGH |
| A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder. | |||||
| CVE-2023-41921 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| A vulnerability allows attackers to download source code or an executable from a remote location and execute the code without sufficiently verifying the origin and integrity of the code. This vulnerability can allow attackers to modify the firmware before uploading it to the system, thus achieving the modification of the target’s integrity to achieve an insecure state. | |||||
| CVE-2023-40254 | 1 Genians | 2 Genian Nac, Genian Ztna | 2024-11-21 | N/A | 7.5 HIGH |
| Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | |||||
| CVE-2023-39474 | 2024-11-21 | N/A | 8.0 HIGH | ||
| Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server. The specific flaw exists within the downloadLaunchClientJar function. The issue results from the lack of validating a remote JAR file prior to loading it. An attacker can leverage this vulnerability to execute code in the context of the current user. . Was ZDI-CAN-19915. | |||||
| CVE-2023-37864 | 1 Phoenixcontact | 12 Wp 6070-wvps, Wp 6070-wvps Firmware, Wp 6101-wxps and 9 more | 2024-11-21 | N/A | 7.2 HIGH |
| In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device. | |||||
| CVE-2023-37220 | 1 Synel | 42 Bioentry-w2, Bioentry-w2 Firmware, Bioentry P2 and 39 more | 2024-11-21 | N/A | 7.2 HIGH |
| Synel Terminals - CWE-494: Download of Code Without Integrity Check | |||||
| CVE-2023-29401 | 1 Gin-gonic | 1 Gin | 2024-11-21 | N/A | 4.3 MEDIUM |
| The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of "setup.bat";x=.txt" will be sent as a file named "setup.bat". If the FileAttachment function is called with names provided by an untrusted source, this may permit an attacker to cause a file to be served with a name different than provided. Maliciously crafted attachment file name can modify the Content-Disposition header. | |||||
| CVE-2023-27025 | 1 Ruoyi | 1 Ruoyi | 2024-11-21 | N/A | 7.5 HIGH |
| An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server. | |||||
| CVE-2023-23110 | 1 Netgear | 18 D6100, D6100 Firmware, Dgn1000v3 and 15 more | 2024-11-21 | N/A | 7.4 HIGH |
| An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This affects WNR612v2 Wireless Routers 1.0.0.3 and earlier, DGN1000v3 Modem Router 1.0.0.22 and earlier, D6100 WiFi DSL Modem Routers 1.0.0.63 and earlier, WNR1000v2 Wireless Routers 1.1.2.60 and earlier, XAVN2001v2 Wireless-N Extenders 0.4.0.7 and earlier, WNR2200 Wireless Routers 1.0.1.102 and earlier, WNR2500 Wireless Routers 1.0.0.34 and earlier, R8900 Smart WiFi Routers 1.0.3.6 and earlier, and R9000 Smart WiFi Routers 1.0.3.6 and earlier. | |||||
| CVE-2023-22635 | 1 Fortinet | 1 Forticlient | 2024-11-21 | N/A | 7.3 HIGH |
| A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade. | |||||
| CVE-2022-4261 | 1 Rapid7 | 2 Insightvm, Nexpose | 2024-11-21 | N/A | 4.4 MEDIUM |
| Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. This failure could allow an attacker to provide a malicious update and alter the functionality of Rapid7 Nexpose. The attacker would need some pre-existing mechanism to provide a malicious update, either through a social engineering effort, privileged access to replace downloaded updates in transit, or by performing an Attacker-in-the-Middle attack on the update service itself. | |||||
| CVE-2022-46430 | 1 Tp-link | 8 Tl-wr740n V1, Tl-wr740n V1 Firmware, Tl-wr740n V2 and 5 more | 2024-11-21 | N/A | 4.8 MEDIUM |
| TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. | |||||
| CVE-2022-46428 | 1 Tp-link | 2 Tl-wr1043nd V1, Tl-wr1043nd V1 Firmware | 2024-11-21 | N/A | 4.8 MEDIUM |
| TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. | |||||
| CVE-2022-45442 | 2 Debian, Sinatrarb | 2 Debian Linux, Sinatra | 2024-11-21 | N/A | 8.8 HIGH |
| Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. Version 2.2.3 and 3.0.4 contain patches for this issue. | |||||
| CVE-2022-40799 | 1 Dlink | 2 Dnr-322l, Dnr-322l Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. | |||||
| CVE-2022-38199 | 1 Esri | 1 Arcgis Server | 2024-11-21 | N/A | 6.1 MEDIUM |
| A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services that may in some edge cases allow a remote, unauthenticated attacker to induce an unsuspecting victim to launch a process in the victim's PATH environment. Current browsers provide users with warnings against running unsigned executables downloaded from the internet. | |||||
| CVE-2022-36671 | 1 Xxyopen | 1 Novel-plus | 2024-11-21 | N/A | 7.5 HIGH |
| Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API. | |||||
| CVE-2022-36359 | 2 Debian, Djangoproject | 2 Debian Linux, Django | 2024-11-21 | N/A | 8.8 HIGH |
| An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input. | |||||
| CVE-2022-31324 | 1 Pentasecurity | 1 Wapples | 2024-11-21 | N/A | 6.5 MEDIUM |
| An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request. | |||||
| CVE-2022-28944 | 2 Emcosoftware, Microsoft | 9 Msi Package Builder, Network Inventory, Network Software Scanner and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process. | |||||