CWE:
 

Tytuł
Data
Autor
Med.
Barco wePresent Insecure Firmware Image
21.11.2020
Matthew Bergin


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2022-03-10
Medium
CVE-2022-24644

Updating...
 

 
ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse.

 
2022-01-04
Medium
CVE-2021-44168

Vendor: Fortinet
Software: Fortios
 

 
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.

 
2021-10-28
Medium
CVE-2020-7875

Updating...
 

 
DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution.

 
2021-09-08
Low
CVE-2021-30669

Vendor: Apple
Software: Mac os x
 

 
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application may bypass Gatekeeper checks.

 
2021-05-07
Medium
CVE-2021-27574

Vendor: Remotemouse
Software: Emote remote...
 

 
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.

 
2020-12-03
High
CVE-2020-2320

Vendor: Jenkins
Software: Installation...
 

 
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.

 
2020-12-02
Low
CVE-2020-25266

Vendor: Appimage
Software: Appimaged
 

 
AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it.

 
2020-11-19
Waiting for details
CVE-2020-28213

Updating...
 

 

 
2020-09-11
Medium
CVE-2020-1200

Vendor: Microsoft
Software: Sharepoint e...
 

 
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1210, CVE-2020-1452, CVE-2020-1453, CVE-2020-1576, CVE-2020-1595.

 
Medium
CVE-2020-1210

Vendor: Microsoft
Software: Sharepoint e...
 

 
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1200, CVE-2020-1452, CVE-2020-1453, CVE-2020-1576, CVE-2020-1595.

 

 


Copyright 2022, cxsecurity.com

 

Back to Top