Filtered by CWE-494
Total 155 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-45839 1 Buildroot 1 Buildroot 2025-02-13 8.1 High
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `aufs-util` package.
CVE-2023-45838 1 Buildroot 1 Buildroot 2025-02-13 8.1 High
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `aufs` package.
CVE-2023-43608 1 Buildroot 1 Buildroot 2025-02-13 8.1 High
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.
CVE-2022-36359 2 Debian, Djangoproject 2 Debian Linux, Django 2025-02-13 8.8 High
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
CVE-2025-1058 2025-02-13 8.1 High
CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device inoperable when malicious firmware is downloaded.
CVE-2021-44168 1 Fortinet 1 Fortios 2025-02-12 3.3 Low
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.
CVE-2024-52331 2025-02-12 7.5 High
ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successfully decrypted and installed by the robot.
CVE-2023-24503 1 Electra-air 1 Smart Kit For Split Ac 2025-02-06 7.5 High
Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW.
CVE-2023-24500 1 Electra-air 2 Central Ac Unit, Central Ac Unit Firmware 2025-02-06 7.5 High
Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW.
CVE-2023-28317 1 Rocket.chat 1 Rocket.chat 2025-01-28 5.3 Medium
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order.
CVE-2024-42183 2025-01-23 2.5 Low
BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation or allowlist controls.
CVE-2024-55459 2025-01-09 6.5 Medium
An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.
CVE-2023-29401 2 Gin-gonic, Redhat 4 Gin, Migration Toolkit Virtualization, Openshift and 1 more 2025-01-06 4.3 Medium
The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of "setup.bat";x=.txt" will be sent as a file named "setup.bat". If the FileAttachment function is called with names provided by an untrusted source, this may permit an attacker to cause a file to be served with a name different than provided. Maliciously crafted attachment file name can modify the Content-Disposition header.
CVE-2024-45321 3 App\, Perl, Redhat 3 \, Cpanminus, Enterprise Linux 2024-12-05 9.8 Critical
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.
CVE-2024-54126 1 Tp-link 1 Archer C50 Firmware 2024-12-05 N/A
This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading and executing malicious firmware which could lead to complete compromise of the targeted device.
CVE-2024-33660 2024-11-21 4.3 Medium
An exploit is possible where an actor with physical access can manipulate SPI flash without being detected.
CVE-2024-39348 2024-11-21 7.5 High
Download of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors.
CVE-2024-33118 1 Luckyframe 1 Luckyframeweb 2024-11-21 7.5 High
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController.
CVE-2024-30206 2024-11-21 8.8 High
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). Affected SIMATIC RTLS Locating Manager Clients do not properly check the integrity of update files. This could allow an unauthenticated remote attacker to alter update files in transit and trick an authorized user into installing malicious code. A successful exploit requires the attacker to be able to modify the communication between server and client on the network.
CVE-2024-28878 2024-11-21 9.6 Critical
IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes the code without sufficiently verifying the origin or integrity of the code.