12 matches found
EUVD-2025-24012
Malicious code in bioql PyPI...
CVE-2025-24012

creationtimestamp| type| source
---|---|---
2025-01-21 15:34:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113867076144151551
2025-01-21 16:00:42+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2418
2025-01-21 16:16:07+00:00| seen|...

CVE-2023-24012
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
CVE-2023-24012

creationtimestamp| type| source
---|---|---
2025-01-09 14:40:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113798913135212465
2025-01-09 15:15:45+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcxtvv5xw25
2025-01-09 15:38:30+00:00| seen|...

CVE-2023-24012 Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Open DDS
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
Fortinet Fortigate when connecting to SSL-VPN (FG-IR-21-018)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-018 advisory. - An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDA...
Zoom Client for Meetings < 5.17.10 Vulnerability (ZSB-24012)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.17.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-24012 advisory. - Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a...
CVE-2022-24012

creationtimestamp| type| source
---|---|---
2022-08-06 02:21:20+00:00| seen| https://t.me/cibsecurity/47676...

CVE-2022-24012
CVE-2022-24012 concerns a buffer overflow in TCL LinkHub Mesh Wi‑Fi MS1G_00_01.00_14 due to GetValue not respecting destination buffer size. Talos details show GetValue is a wrapper to cfms_mib_proc_handle with a fixed third argument; through GetValue/GetExtdns_by_lang flow, the code copies user-...
CVE-2021-24012
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority...
CVE-2021-24012
CVE-2021-24012 affects Fortinet FortiGate SSL-VPN (versions 6.4.0 through 6.4.4). The root cause is improper validation of a certificate chain, allowing an LDAP user to authenticate with any certificate signed by a trusted CA. Impact: permits bypass of certificate chain trust for SSL-VPN login; a...
CVE-2021-24012
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority...