CVE-2022-36174

HIGH Year: 2022
CVSS v3 Score
8.1
High
Weakness Type
CWE-354
View all →

Vulnerability Description

FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service.

Related Vulnerabilities

CVE-2017-3760

HIGH
CVSS:8.1(High)

The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-...

CWE-3542017

CVE-2019-13496

HIGH
CVSS:8.1(High)

One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a succ...

CWE-3542019

CVE-2017-3224

HIGH
CVSS:8.2(High)

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two in...

CWE-3542017

CVE-2020-26896

HIGH
CVSS:8.2(High)

Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. While claiming on-chain a received HTLC output, it didn't verify that the corresponding outgoing off-c...

CWE-3542020

CVE-2024-52550

HIGH
CVSS:8.0(High)

Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers...

CWE-3542024

CVE-2024-3727

HIGH
CVSS:8.3(High)

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, l...

CWE-3542024