Vulnerabilities (CVE)

Filtered by CWE-494
Total 98 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16760 1 Rust-lang 1 Rust 2024-02-04 5.0 MEDIUM 7.5 HIGH
Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency, which could be squatted on crates.io to be a malicious package. This not only affects manifests that you write locally yourself, but also manifests published to crates.io. Rust 1.0.0 through Rust 1.25.0 is affected by this advisory because Cargo will ignore the `package` key in manifests. Rust 1.26.0 through Rust 1.30.0 are not affected and typically will emit an error because the `package` key is unstable. Rust 1.31.0 and after are not affected because Cargo understands the `package` key. Users of the affected versions are strongly encouraged to update their compiler to the latest available one. Preventing this issue from happening requires updating your compiler to be either Rust 1.26.0 or newer. There will be no point release for Rust versions prior to 1.26.0. Users of Rust 1.19.0 to Rust 1.25.0 can instead apply linked patches to mitigate the issue.
CVE-2019-3977 1 Mikrotik 1 Routeros 2024-02-04 8.5 HIGH 7.5 HIGH
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where upgrade packages are download from when using the autoupgrade feature. Therefore, a remote attacker can trick the router into "upgrading" to an older version of RouterOS and possibly reseting all the system's usernames and passwords.
CVE-2019-14845 1 Redhat 1 Openshift 2024-02-04 2.9 LOW 5.3 MEDIUM
A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.
CVE-2020-8809 1 Gurux 1 Device Language Message Specification Director 2024-02-04 6.8 MEDIUM 8.1 HIGH
Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810.
CVE-2020-5398 3 Netapp, Oracle, Vmware 33 Data Availability Services, Snapcenter, Application Testing Suite and 30 more 2024-02-04 7.6 HIGH 7.5 HIGH
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
CVE-2010-3440 2 Babiloo Project, Debian 2 Babiloo, Debian Linux 2024-02-04 3.3 LOW 5.5 MEDIUM
babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files.
CVE-2019-13534 1 Philips 19 865240, 865241, 865242 and 16 more 2024-02-04 6.5 MEDIUM 7.2 HIGH
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C) and WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by Version C). The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
CVE-2019-12728 1 Grails 1 Grails 2024-02-04 6.8 MEDIUM 8.1 HIGH
Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP.
CVE-2019-12162 1 Upwork 1 Time Tracker 2024-02-04 4.6 MEDIUM 7.8 HIGH
Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the downloaded program update before running it, which could lead to code execution or local privilege escalation by replacing the original update.exe.
CVE-2019-7229 1 Abb 15 Board Support Package Un31, Cp620, Cp620-web and 12 more 2024-02-04 5.4 MEDIUM 8.3 HIGH
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files.
CVE-2019-5982 1 Sony 1 Vaio Update 2024-02-04 5.4 MEDIUM 7.5 HIGH
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed.
CVE-2018-4009 1 Shimovpn 1 Shimo Vpn 2024-02-04 7.2 HIGH 7.8 HIGH
An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to successfully exploit this bug.
CVE-2018-19234 1 Comparex 1 Miss Marple 2024-02-04 9.0 HIGH 8.8 HIGH
The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation.
CVE-2018-13012 1 Safensoft 3 Softcontrol Enterprise Suite, Softcontrol Syswatch, Softcontrol Tpsecure 2024-02-04 6.8 MEDIUM 8.1 HIGH
Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server.
CVE-2017-2739 1 Huawei 1 Vmall 2024-02-04 2.9 LOW 3.1 LOW
The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications.
CVE-2017-2707 1 Huawei 2 Mate 9, Mate 9 Firmware 2024-02-04 5.8 MEDIUM 7.1 HIGH
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message.
CVE-2017-12306 1 Cisco 1 Conference Director 2024-02-04 2.1 LOW 4.4 MEDIUM
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability is due to insufficient upgrade package validation. An attacker could exploit this vulnerability by providing the upgrade process with an upgrade package that the attacker controls. An exploit could allow the attacker to install custom firmware to the Spark Board. Cisco Bug IDs: CSCvf84502.
CVE-2017-13083 1 Rufus Project 1 Rufus 2024-02-04 6.8 MEDIUM 8.1 HIGH
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code