Total
188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-52263 | 2025-10-30 | N/A | 8.0 HIGH | ||
|
An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows authenticated network-adjacent attackers to upload crafted firmware, leading to arbitrary code execution.
|
|||||
| CVE-2025-11493 | 1 Connectwise | 1 Automate | 2025-10-29 | N/A | 8.8 HIGH |
|
The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies, and integrations. This creates a risk where an on-path attacker could perform a man-in-the-middle attack and substitute malicious files for legitimate ones by impersonating a legitimate server. This risk is mitigated when HTTPS is enforced and is related to CVE-2025-11492.
|
|||||
| CVE-2021-44168 | 1 Fortinet | 1 Fortios | 2025-10-24 | 4.6 MEDIUM | 3.3 LOW |
|
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.
|
|||||
| CVE-2025-56513 | 1 Nicehash | 1 Quickminer | 2025-10-15 | N/A | 9.8 CRITICAL |
|
NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and can hijack the update process and deliver arbitrary executables that are automatically executed, resulting in full remote code execution. This constitutes a critical supply chain attack vector.
|
|||||
| CVE-2025-57431 | 1 Sound4 | 2 Pulse-eco Aes67, Pulse-eco Aes67 Firmware | 2025-10-14 | N/A | 8.8 HIGH |
|
The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution (RCE) via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the firmware.
|
|||||
| CVE-2014-2378 | 1 Sensysnetworks | 4 Trafficdot, Vds, Vsn240-f and 1 more | 2025-10-13 | 6.5 MEDIUM | N/A |
|
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code via a Trojan horse update.
|
|||||
| CVE-2025-34212 | 1 Vasion | 2 Virtual Appliance Application, Virtual Appliance Host | 2025-10-09 | N/A | 9.8 CRITICAL |
|
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 (VA/SaaS deployments) possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature validation, and grants the jenkins account NOPASSWD for mount/umount. Together these allow supply chain or man-in-the-middle compromise of the build pipeline, injection of malicious firmware, and remo ...
Show More |
|||||
| CVE-2024-39819 | 1 Zoom | 3 Meeting Software Development Kit, Rooms, Workplace Desktop | 2025-10-02 | N/A | 6.7 MEDIUM |
|
Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.
|
|||||
| CVE-2025-11182 | 2025-10-02 | N/A | 6.5 MEDIUM | ||
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Download of Code Without Integrity Check vulnerability in GTONE ChangeFlow allows Path Traversal.This issue affects ChangeFlow: All versions to v9.0.1.1.
|
|||||
| CVE-2024-52331 | 1 Ecovacs | 28 Airbot Andy, Airbot Andy Firmware, Airbot Ava and 25 more | 2025-10-02 | N/A | 7.5 HIGH |
|
ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successfully decrypted and installed by the robot.
|
|||||
| CVE-2024-33660 | 1 Ami | 1 Aptio V | 2025-10-02 | N/A | 4.3 MEDIUM |
|
An exploit is possible where an actor with physical access can manipulate SPI flash without being detected.
|
|||||
| CVE-2025-30199 | 1 Ecovacs | 26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more | 2025-09-23 | N/A | 7.2 HIGH |
|
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
|
|||||
| CVE-2024-55459 | 1 Keras | 1 Keras | 2025-09-22 | N/A | 6.5 MEDIUM |
|
An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.
|
|||||
| CVE-2025-9319 | 2025-09-15 | N/A | 7.5 HIGH | ||
|
A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary code execution under certain conditions.
|
|||||
| CVE-2025-55581 | 1 Dlink | 2 Dcs-825l, Dcs-825l Firmware | 2025-09-12 | N/A | 7.3 HIGH |
|
D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust an ...
Show More |
|||||
| CVE-2025-55582 | 1 Dlink | 2 Dcs-825l, Dcs-825l Firmware | 2025-09-09 | N/A | 6.6 MEDIUM |
|
D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker with local filesystem access (via physical access, firmware modification, or debug interfaces) can replace these binaries with malicious payloads. The script executes these binaries as root in an infinite loop, leading to persistent privilege escalation and arbit ...
Show More |
|||||
| CVE-2024-47192 | 1 Mahara | 1 Mahara | 2025-09-05 | N/A | 5.3 MEDIUM |
|
An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL can allow an attacker to download files that they do not have permission to download.
|
|||||
| CVE-2025-35115 | 1 Atlassian | 1 Agiloft | 2025-09-02 | N/A | 8.1 HIGH |
|
Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30.
|
|||||
| CVE-2025-53520 | 2025-08-08 | N/A | 8.8 HIGH | ||
|
The affected product allows firmware updates to be downloaded from EG4's
website, transferred via USB dongles, or installed through EG4's
Monitoring Center (remote, cloud-connected interface) or via a serial
connection, and can install these files without integrity checks. The
TTComp archive format used for the firmware is unencrypted and can be
unpacked and altered without detection.
|
|||||
| CVE-2024-39348 | 1 Synology | 1 Router Manager | 2025-08-07 | N/A | 7.5 HIGH |
|
Download of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2025-53696 | 2025-07-29 | N/A | N/A | ||
|
iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These firmware parts may contain malicious code. Tested up to firmware 6.9.2, later firmwares are also possibly affected.
|
|||||
| CVE-2025-7620 | 2025-07-15 | N/A | 8.8 HIGH | ||
|
The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs.
|
|||||
| CVE-2025-52937 | 2025-06-23 | N/A | N/A | ||
|
Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C.
This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib (WITH_SYSTEM_ZLIB=FALSE).
|
|||||
| CVE-2024-27438 | 1 Apache | 1 Doris | 2025-06-17 | N/A | 9.8 CRITICAL |
|
Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution.
Once the attacker is authorized to create a JDBC catalog, he/she can use arbitrary driver jar file with unchecked code snippet. This code snippet will be run when catalog is initializing without any check.
This issue affects Apache Doris: from 1.2.0 through 2.0.4.
Users are recommended to upgrade to version 2.0.5 or 2.1 ...
Show More |
|||||
| CVE-2024-33118 | 1 Luckyframe | 1 Luckyframeweb | 2025-06-10 | N/A | 7.5 HIGH |
|
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController.
|
|||||
| CVE-2023-47353 | 1 Imoulife | 1 Imou Go | 2025-05-08 | N/A | 8.8 HIGH |
|
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of arbitrary files.
|
|||||
| CVE-2022-37908 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2025-05-02 | N/A | 5.8 MEDIUM |
|
An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers. Successful exploitation can compromise the hardware chain of trust on the impacted controller.
|
|||||
| CVE-2024-30205 | 2 Debian, Gnu | 3 Debian Linux, Emacs, Org Mode | 2025-05-01 | N/A | 7.1 HIGH |
|
In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
|
|||||
| CVE-2025-28236 | 2025-04-22 | N/A | 9.8 CRITICAL | ||
|
Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the firmware update process. This vulnerability allows attackers to execute arbitrary code via supplying a crafted update package to the /#/software/upgrades endpoint.
|
|||||
| CVE-2017-2739 | 1 Huawei | 1 Vmall | 2025-04-20 | 2.9 LOW | 3.1 LOW |
|
The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications.
|
|||||
| CVE-2017-12306 | 1 Cisco | 1 Conference Director | 2025-04-20 | 2.1 LOW | 4.4 MEDIUM |
|
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability is due to insufficient upgrade package validation. An attacker could exploit this vulnerability by providing the upgrade process with an upgrade package that the attacker controls. An exploit could allow the attacker to install custom firmware to the Spark Board. Cisco Bug IDs: CSCvf84502.
|
|||||
| CVE-2017-12740 | 1 Siemens | 1 Logo\! Soft Comfort | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
|
Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communication channel. This could allow a remote attacker to manipulate the software package while performing a Man-in-the-Middle (MitM) attack.
|
|||||
| CVE-2017-13083 | 1 Rufus Project | 1 Rufus | 2025-04-20 | 6.8 MEDIUM | 5.3 MEDIUM |
|
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code
|
|||||
| CVE-2017-2707 | 1 Huawei | 2 Mate 9, Mate 9 Firmware | 2025-04-20 | 5.8 MEDIUM | 7.1 HIGH |
|
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message.
|
|||||
| CVE-2022-46423 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2025-04-17 | N/A | 8.1 HIGH |
|
An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v1.2.3.7 and earlier.
|
|||||
| CVE-2022-46428 | 1 Tp-link | 2 Tl-wr1043nd V1, Tl-wr1043nd V1 Firmware | 2025-04-16 | N/A | 4.8 MEDIUM |
|
TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
|
|||||
| CVE-2022-46430 | 1 Tp-link | 8 Tl-wr740n V1, Tl-wr740n V1 Firmware, Tl-wr740n V2 and 5 more | 2025-04-16 | N/A | 4.8 MEDIUM |
|
TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
|
|||||
| CVE-2022-24117 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2025-04-12 | N/A | 9.8 CRITICAL |
|
Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
|
|||||
| CVE-2008-3438 | 1 Apple | 1 Mac Os X | 2025-04-09 | 7.5 HIGH | 8.1 HIGH |
|
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
|
|||||
| CVE-2008-3324 | 1 Party Gaming | 1 Party Poker Client | 2025-04-09 | 7.6 HIGH | 8.1 HIGH |
|
The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of updates, which allows remote man-in-the-middle attackers to execute arbitrary code via a Trojan horse update.
|
|||||