CWE-494: CWE-494

This vulnerability in Gradle's dependency resolution allows an attacker to serve malicious artifacts if they can register a domain name matching an un...

This vulnerability in Gradle's dependency resolution could allow an attacker to disrupt a legitimate repository and force builds to use a malicious re...

This CVE describes a firmware modification vulnerability in multiple Netgear router models where firmware integrity checks use a fixed checksum. Attac...

This vulnerability allows attackers who can modify or replace static HTML files used by Foxit PDF's StartPage feature to inject malicious content that...

This vulnerability in FortiClient for macOS allows local attackers to escalate privileges by modifying the installer during an upgrade process. It aff...

The Sound4 FIRST web-based management interface has a critical vulnerability that allows remote code execution through malicious firmware updates. Att...

The Sound4 IMPACT web management interface has a critical vulnerability allowing remote code execution through malicious firmware updates. Attackers c...

ECOVACS vacuum robot base stations lack firmware update validation, allowing attackers to send malicious over-the-air updates via the insecure connect...

A firmware signature validation bypass vulnerability in Tenda AC6 routers allows attackers to upload malicious firmware updates, leading to arbitrary ...

This vulnerability in MLSoft TCO!stream allows attackers to trick victims into downloading and executing arbitrary files due to insufficient permissio...

CVE-2023-37220 is a vulnerability in Synel Terminals that allows attackers to download and execute arbitrary code without integrity verification. This...

This vulnerability in Emacs Org mode allows remote file contents to be executed as trusted code when opened in Org mode. It affects Emacs versions bef...

A vulnerability in Keras 3.7.0 allows attackers to write arbitrary files to a user's machine by exploiting the get_file function with a malicious tar ...

This vulnerability allows attackers to install malicious firmware on affected devices by bypassing authentication checks during firmware updates. It a...

This vulnerability in Mahara allows attackers to bypass access controls by crafting malicious export download URLs, enabling unauthorized file downloa...

This vulnerability allows an attacker with physical access to manipulate SPI flash memory without detection, potentially compromising system integrity...

Microchip Time Provider 4100 devices before version 2.5 allow attackers to upload malicious firmware updates without cryptographic verification. This ...

This vulnerability allows unauthenticated remote attackers to bypass anti-malware scanning on Cisco Secure Web Appliances by sending specially crafted...

This CVE describes a denial of service vulnerability in Huawei office services where specially crafted requests could cause service disruption. The vu...

This CVE describes a denial-of-service vulnerability in Huawei's office service. Successful exploitation could cause the service to become unresponsiv...

This CVE describes a denial of service vulnerability in Huawei office services where attackers can disrupt service availability. The vulnerability aff...

This CVE describes a denial-of-service vulnerability in Huawei office services where attackers can disrupt service availability. The vulnerability aff...