Vulnerabilities > Upwork

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-23	CVE-2019-12162	Download of Code Without Integrity Check vulnerability in Upwork Time Tracker 5.2.2.716 Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the downloaded program update before running it, which could lead to code execution or local privilege escalation by replacing the original update.exe. local low complexity upwork CWE-494	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Upwork {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Upwork"}]}

Vulnerabilities > Upwork