Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-345
Total 261 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-1405 1 Ibm 1 Security Identity Manager 2019-10-09 4.0 MEDIUM 4.9 MEDIUM
IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 127392.
CVE-2017-12740 1 Siemens 1 Logo\! Soft Comfort 2019-10-09 4.3 MEDIUM 5.9 MEDIUM
Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communication channel. This could allow a remote attacker to manipulate the software package while performing a Man-in-the-Middle (MitM) attack.
CVE-2017-10624 1 Juniper 1 Junos Space 2019-10-09 5.1 MEDIUM 7.5 HIGH
Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.
CVE-2015-3956 1 Pifzer 6 Plum A\+3 Infusion System, Plum A\+3 Infusion System Firmware, Plum A\+ Infusion System and 3 more 2019-10-09 10.0 HIGH 9.8 CRITICAL
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior accept drug libraries, firmware updates, pump commands, and unauthorized configuration changes from unauthenticated devices on the host network. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue.
CVE-2018-17287 1 Kofax 1 Front Office Server 2019-10-02 4.0 MEDIUM 4.9 MEDIUM
In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as passwords, are obfuscated in the front-end, but the cleartext value can be exfiltrated by using the back-end "download" feature, as demonstrated by an mfp.password downloadsettingvalue operation.
CVE-2017-17023 2 Ncp-e, Sophos 2 Ncp Secure Entry Client, Ipsec Client 2019-10-02 9.3 HIGH 8.1 HIGH
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows a man-in-the-middle (MITM) or man-on-the-side (MOTS) attacker to execute arbitrary, malicious software on a target user's computer. This is related to SIC_V11.04-64.exe (Sophos), NCP_EntryCl_Windows_x86_1004_31799.exe (NCP), and ncpmon.exe (both Sophos and NCP). The vulnerability exists because: (1) the VPN client requests update metadata over an insecure HTTP connection; and (2) the client software does not check if the software update is signed before running it.
CVE-2017-0563 1 Linux 1 Linux Kernel 2019-10-02 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32089409.
CVE-2017-9606 1 Infotecs 2 Vipnet Client, Vipnet Coordinator 2019-10-02 4.4 MEDIUM 7.3 HIGH
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks.
CVE-2018-7932 1 Huawei 1 Appgallery 2019-10-02 6.8 MEDIUM 8.8 HIGH
Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An attacker may set up a malicious network environment and trick user into accessing a malicious web page to bypass the whitelist mechanism, which make the malicious Javascript loaded and run in the smart phone.
CVE-2018-6562 1 Totemo 1 Totemomail Encryption Gateway 2019-10-02 5.0 MEDIUM 7.5 HIGH
totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack.
CVE-2018-2434 1 Sap 3 Netweaver, Ui Infra, User Interface Technology 2019-10-02 4.3 MEDIUM 4.3 MEDIUM
A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks.
CVE-2018-12333 1 Ecos 2 Secure Boot Stick, Secure Boot Stick Firmware 2019-10-02 6.8 MEDIUM 8.1 HIGH
Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.
CVE-2017-11178 1 Finecms Project 1 Finecms 2019-10-02 5.0 MEDIUM 7.5 HIGH
In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. For example, this can be used to overwrite a .php file because the file extension is not checked.
CVE-2017-11130 1 Stashcat 1 Heinekingmedia 2019-10-02 6.8 MEDIUM 8.1 HIGH
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. The product's protocol only tries to ensure confidentiality. In the whole protocol, no integrity or authenticity checks are done. Therefore man-in-the-middle attackers can conduct replay attacks.
CVE-2019-11737 1 Mozilla 1 Firefox 2019-10-02 5.0 MEDIUM 5.3 MEDIUM
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
CVE-2015-3908 1 Redhat 1 Ansible 2019-09-16 4.3 MEDIUM N/A
Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVE-2019-13483 1 Auth0 1 Passport-sharepoint 2019-07-31 7.5 HIGH 7.3 HIGH
Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signature of an Access Token before processing. This allows attackers to forge tokens and bypass authentication and authorization mechanisms.
CVE-2019-11235 5 Canonical, Fedoraproject, Freeradius and 2 more 10 Ubuntu Linux, Fedora, Freeradius and 7 more 2019-05-13 7.5 HIGH 9.8 CRITICAL
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
CVE-2017-7674 1 Apache 1 Tomcat 2019-04-15 4.3 MEDIUM 4.3 MEDIUM
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
CVE-2015-0251 5 Apache, Apple, Opensuse and 2 more 9 Subversion, Xcode, Opensuse and 6 more 2018-10-30 4.0 MEDIUM N/A
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.