Filtered by CWE-494
Filtered by vendor Subscriptions
Total 138 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-5772 1 Teltonika-networks 2 Trb245, Trb245 Firmware 2024-11-21 7.5 High
Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated attacker to gain root privileges by uploading a malicious package file.
CVE-2020-5398 4 Netapp, Oracle, Redhat and 1 more 34 Data Availability Services, Snapcenter, Application Testing Suite and 31 more 2024-11-21 7.5 High
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
CVE-2020-4125 1 Ibm 1 Marketing Operations 2024-11-21 8.1 High
Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.
CVE-2020-36327 4 Bundler, Fedoraproject, Microsoft and 1 more 7 Bundler, Fedora, Package Manager Configurations and 4 more 2024-11-21 8.8 High
Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem that is a dependency of another private gem that is explicitly depended on by the application. NOTE: it is not correct to use CVE-2021-24105 for every "Dependency Confusion" issue in every product.
CVE-2020-2320 1 Jenkins 1 Installation Manager Tool 2024-11-21 9.8 Critical
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.
CVE-2020-29032 1 Secomea 2 Gatemanager 8250, Gatemanager 8250 Firmware 2024-11-21 8.4 High
Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. This issue affects: Secomea GateManager all versions prior to 9.4.621054022
CVE-2020-28332 1 Barco 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware 2024-11-21 9.8 Critical
Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verification of digitally signed firmware updates and is susceptible to processing and installing modified/malicious images.
CVE-2020-28213 1 Schneider-electric 1 Ecostruxure Control Expert 2024-11-21 8.8 High
A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when sending specially crafted requests over Modbus.
CVE-2020-25266 1 Appimage 1 Appimaged 2024-11-21 5.5 Medium
AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it.
CVE-2020-1595 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-11-21 9.9 Critical
<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user access a susceptible API on an affected version of SharePoint with specially-formatted input.</p> <p>The security update addresses the vulnerability by correcting how SharePoint handles deserialization of untrusted data.</p>
CVE-2020-1576 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-11-21 8.5 High
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
CVE-2020-1453 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-11-21 8.6 High
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
CVE-2020-1452 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-11-21 8.6 High
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
CVE-2020-1210 1 Microsoft 4 Business Productivity Servers, Sharepoint Enterprise Server, Sharepoint Foundation and 1 more 2024-11-21 9.9 Critical
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
CVE-2020-1200 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2024-11-21 8.6 High
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
CVE-2020-15604 2 Microsoft, Trendmicro 6 Windows, Antivirus\+ 2019, Internet Security 2019 and 3 more 2024-11-21 7.5 High
An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CWE-494: Update files are not properly verified.
CVE-2020-10926 1 Netgear 2 R6700, R6700 Firmware 2024-11-21 8.8 High
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of proper validation of the firmware image prior to performing an upgrade. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-9648.
CVE-2019-9534 1 Cobham 2 Explorer 710, Explorer 710 Firmware 2024-11-21 7.8 High
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service.
CVE-2019-7229 1 Abb 15 Board Support Package Un31, Cp620, Cp620-web and 12 more 2024-11-21 8.3 High
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files.
CVE-2019-5982 1 Sony 1 Vaio Update 2024-11-21 N/A
Improper download file verification vulnerability in VAIO Update 7.3.0.03150 and earlier allows remote attackers to conduct a man-in-the-middle attack via a malicous wireless LAN access point. A successful exploitation may result in a malicious file being downloaded/executed.