Total
507 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-23772 | 1 Motorola | 2 Mbts Site Controller, Mbts Site Controller Firmware | 2024-11-21 | 7.2 High |
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device. | ||||
CVE-2023-23436 | 1 Hihonor | 1 Magic Os | 2024-11-21 | 7.3 High |
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file | ||||
CVE-2023-23435 | 1 Hihonor | 1 Magic Os | 2024-11-21 | 4 Medium |
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file | ||||
CVE-2023-23433 | 1 Hihonor | 2 Nth-an00, Nth-an00 Firmware | 2024-11-21 | 4 Medium |
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file. | ||||
CVE-2023-23431 | 1 Hihonor | 2 Nth-an00, Nth-an00 Firmware | 2024-11-21 | 7.3 High |
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file. | ||||
CVE-2023-20940 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256237041 | ||||
CVE-2023-20900 | 7 Debian, Fedoraproject, Linux and 4 more | 12 Debian Linux, Fedora, Linux Kernel and 9 more | 2024-11-21 | 7.1 High |
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | ||||
CVE-2023-20266 | 1 Cisco | 3 Emergency Responder, Unified Communications Manager, Unity Connection | 2024-11-21 | 6.5 Medium |
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to elevate privileges to root. To exploit this vulnerability, the attacker must have valid platform administrator credentials on an affected device. | ||||
CVE-2023-20236 | 1 Cisco | 53 8201, 8202, 8208 and 50 more | 2024-11-21 | 6.7 Medium |
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device. | ||||
CVE-2023-20135 | 1 Cisco | 1 Ios Xr | 2024-11-21 | 5.7 Medium |
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image. An attacker could exploit this vulnerability by modifying an ISO image and then carrying out install requests in parallel. A successful exploit could allow the attacker to execute arbitrary code on an affected device. | ||||
CVE-2022-47549 | 1 Linaro | 1 Op-tee | 2024-11-21 | 6.4 Medium |
An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections. | ||||
CVE-2022-42793 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 5.5 Medium |
An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks. | ||||
CVE-2022-42010 | 3 Fedoraproject, Freedesktop, Redhat | 4 Fedora, Dbus, Enterprise Linux and 1 more | 2024-11-21 | 6.5 Medium |
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. | ||||
CVE-2022-41669 | 1 Schneider-electric | 2 Ecostruxure Operator Terminal Expert, Pro-face Blue | 2024-11-21 | 7 High |
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior). | ||||
CVE-2022-41666 | 1 Schneider-electric | 2 Ecostruxure Operator Terminal Expert, Pro-face Blue | 2024-11-21 | 7 High |
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior). | ||||
CVE-2022-41340 | 1 Secp256k1-js Project | 1 Secp256k1-js | 2024-11-21 | 7.5 High |
The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. | ||||
CVE-2022-3864 | 1 Hitachienergy | 6 Relion 650, Relion 650 Firmware, Relion 670 and 3 more | 2024-11-21 | 4.5 Medium |
A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service. | ||||
CVE-2022-3322 | 1 Cloudflare | 1 Warp Mobile Client | 2024-11-21 | 6.7 Medium |
Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action. | ||||
CVE-2022-39366 | 1 Datahub Project | 1 Datahub | 2024-11-21 | 9.9 Critical |
DataHub is an open-source metadata platform. Prior to version 0.8.45, the `StatelessTokenService` of the DataHub metadata service (GMS) does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This vulnerability occurs because the `StatelessTokenService` of the Metadata service uses the `parse` method of `io.jsonwebtoken.JwtParser`, which does not perform a verification of the cryptographic token signature. This means that JWTs are accepted regardless of the used algorithm. This issue may lead to an authentication bypass. Version 0.8.45 contains a patch for the issue. There are no known workarounds. | ||||
CVE-2022-39300 | 1 Node Saml Project | 1 Node Saml | 2024-11-21 | 7.7 High |
node SAML is a SAML 2.0 library based on the SAML implementation of passport-saml. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to node-saml version 4.0.0-beta5 or newer. Disabling SAML authentication may be done as a workaround. |