Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-354
Total 78 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-31913 1 Jetbrains 1 Teamcity 2021-05-17 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.
CVE-2021-20709 1 Nec 6 Aterm Wf1200cr, Aterm Wf1200cr Firmware, Aterm Wg1200cr and 3 more 2021-05-05 9.0 HIGH 7.2 HIGH
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3.2 and earlier, Aterm WG1200CR firmware Ver1.3.3 and earlier, and Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to a specific URL.
CVE-2020-25758 1 Dlink 20 Dsr-1000, Dsr-1000 Firmware, Dsr-1000ac and 17 more 2021-04-23 9.0 HIGH 8.8 HIGH
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root.
CVE-2020-25862 5 Debian, Fedoraproject, Opensuse and 2 more 5 Debian Linux, Fedora, Leap and 2 more 2021-02-10 5.0 MEDIUM 7.5 HIGH
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
CVE-2020-9118 1 Huawei 2 Ais-bw80h-00, Ais-bw80h-00 Firmware 2021-02-10 4.6 MEDIUM 6.8 MEDIUM
There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Affected product versions include:AIS-BW80H-00 versions 9.0.3.1(H100SP13C00),9.0.3.1(H100SP18C00),9.0.3.1(H100SP3C00),9.0.3.1(H100SP9C00),9.0.3.2(H100SP1C00),9.0.3.2(H100SP2C00),9.0.3.2(H100SP5C00),9.0.3.2(H100SP8C00),9.0.3.3(H100SP1C00).
CVE-2021-20184 1 Moodle 1 Moodle 2021-02-01 4.0 MEDIUM 4.3 MEDIUM
It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades.
CVE-2020-5637 1 Necplatforms 2 Aterm Sa3500g, Aterm Sa3500g Firmware 2020-12-15 5.2 MEDIUM 6.8 MEDIUM
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program.
CVE-2020-5798 1 Druva 1 Insync 2020-12-08 7.2 HIGH 7.8 HIGH
inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions.
CVE-2020-28656 1 Vw 2 Polo, Polo Firmware 2020-12-02 7.2 HIGH 6.8 MEDIUM
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a metainfo file are parsed, which can cause attacker-controlled files to be written to the infotainment system and executed as root.
CVE-2020-26896 1 Lightning Network Daemon Project 1 Lightning Network Daemon 2020-11-05 5.8 MEDIUM 8.2 HIGH
Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. While claiming on-chain a received HTLC output, it didn't verify that the corresponding outgoing off-chain HTLC was already settled before releasing the preimage. In the case of a hash-and-amount collision with an invoice, the preimage for an expected payment was instead released. A malicious peer could have deliberately intercepted an HTLC intended for the victim node, probed the preimage through a colluding relayed HTLC, and stolen the intercepted HTLC. The impact is a loss of funds in certain situations, and a weakening of the victim's receiver privacy.
CVE-2020-26895 1 Lightning Network Daemon Project 1 Lightning Network Daemon 2020-10-30 5.0 MEDIUM 5.3 MEDIUM
Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. This can be exploited by any peer with an open channel regardless of the victim situation (e.g., routing node, payment-receiver, or payment-sender). The impact is a loss of funds in certain situations.
CVE-2019-10155 5 Fedoraproject, Libreswan, Redhat and 2 more 5 Fedora, Libreswan, Enterprise Linux and 2 more 2020-09-30 3.5 LOW 3.1 LOW
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
CVE-2019-0071 1 Juniper 4 Ex2300, Ex2300-c, Ex3400 and 1 more 2020-09-28 7.2 HIGH 7.8 HIGH
Veriexec is a kernel-based file integrity subsystem in Junos OS that ensures only authorized binaries are able to be executed. Due to a flaw in specific versions of Junos OS, affecting specific EX Series platforms, the Veriexec subsystem will fail to initialize, in essence disabling file integrity checking. This may allow a locally authenticated user with shell access to install untrusted executable images, and elevate privileges to gain full control of the system. During the installation of an affected version of Junos OS are installed, the following messages will be logged to the console: Initializing Verified Exec: /sbin/veriexec: Undefined symbol "__aeabi_uidiv" /sbin/veriexec: Undefined symbol "__aeabi_uidiv" /sbin/veriexec: Undefined symbol "__aeabi_uidiv" veriexec: /.mount/packages/db/os-kernel-prd-arm-32-20190221.70c2600_builder_stable_11/boot/brcm-hr3.dtb: Authentication error veriexec: /.mount/packages/db/os-kernel-prd-arm-32-20190221.70c2600_builder_stable_11/boot/contents.izo: Authentication error ... This issue affects Juniper Networks Junos OS: 18.1R3-S4 on EX2300, EX2300-C and EX3400; 18.3R1-S3 on EX2300, EX2300-C and EX3400.
CVE-2020-7807 2 Lg, Microsoft 5 Ipsfullhd, Lg Ultrawide, Lgpcsuite Setup and 2 more 2020-09-21 1.9 LOW 5.5 MEDIUM
A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in ____COMPONENT____ of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64).
CVE-2018-6336 1 Linuxfoundation 1 Osquery 2020-09-18 6.8 MEDIUM 7.8 HIGH
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7
CVE-2020-11497 1 Woocommerce 1 Nab Transact 2020-09-01 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the NAB Transact extension 2.1.0 for the WooCommerce plugin for WordPress. An online payment system bypass allows orders to be marked as fully paid by assigning an arbitrary bank transaction ID during the payment-details entry step.
CVE-2019-1163 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka 'Windows File Signature Security Feature Bypass Vulnerability'.
CVE-2018-1000159 1 Tlslite-ng Project 1 Tlslite-ng 2020-08-24 4.3 MEDIUM 5.9 MEDIUM
tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233 contains a CWE-354: Improper Validation of Integrity Check Value vulnerability in TLS implementation, tlslite/utils/constanttime.py: ct_check_cbc_mac_and_pad(); line "end_pos = data_len - 1 - mac.digest_size" that can result in an attacker manipulating the TLS ciphertext which will not be detected by receiving tlslite-ng. This attack appears to be exploitable via man in the middle on a network connection. This vulnerability appears to have been fixed after commit 3674815d1b0f7484454995e2737a352e0a6a93d8.
CVE-2019-12097 1 Progress 1 Fiddler 2020-08-24 6.8 MEDIUM 7.8 HIGH
Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe.
CVE-2019-1166 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2020-08-24 4.3 MEDIUM 5.9 MEDIUM
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'.