CVE-2025-43023

CVE-2025-43023 affects HP Linux Imaging and Printing Software. Vulnerability stems from use of a weak DSA code signing key in the software documentation entry. NVD/NVDS data describe a network-accessible issue with high confidentiality and integrity impact (C/H) and a critical base score (CVSS 3....

CVE-2025-43023

Removed by vendor...

CVE-2025-43023 HP Linux Imaging and Printing Software - Use of DSA Key

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm DSA...

HP Linux Imaging and Printing Software - Use of DSA Key

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm DSA. HP has identified affected versions and the minimum software version that...

PT-2025-31134

Name of the Vulnerable Software and Affected Versions HP Linux Imaging and Printing Software affected versions not specified Description A potential security issue exists due to the use of a weak code signing key employing the Digital Signature Algorithm DSA. Recommendations At the moment, there ...

Siemens TIA Administrator Data Forgery Issue Vulnerability

Siemens TIA Administrator is a management program for authorizing and licensing SIMATIC products from Siemens, Germany. A data forgery vulnerability exists in Siemens TIA Administrator, which arises from improper validation of code signing certificates and can be exploited by an attacker to bypas...

CVE-2025-23364

A vulnerability has been identified in TIA Administrator All versions V3.0.6. The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations...

CVE-2025-23364

A vulnerability has been identified in TIA Administrator All versions V3.0.6. The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations...

CVE-2025-23364

A vulnerability has been identified in TIA Administrator All versions V3.0.6. The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations...

CVE-2025-23364

Siemens TIA Administrator (all versions before 3.0.6) contains a vulnerability where code signing certificates are not properly validated. This could allow bypassing the certificate check and executing arbitrary code during installation. The issue is documented across multiple sources (e.g., Red ...

CVE-2025-23364

A vulnerability has been identified in TIA Administrator All versions V3.0.6. The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations...

CVE-2025-23364

A vulnerability has been identified in TIA Administrator All versions V3.0.6. The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and exceute arbitrary code during installations...

Siemens TIA Administrator 数据伪造问题漏洞

Siemens TIA Administrator is a management program for authorizing and licensing SIMATIC products from Siemens, Germany. A data forgery vulnerability exists in Siemens TIA Administrator, which arises from improper validation of code signing certificates and can be exploited by an attacker to bypas...

PT-2025-28389 · Unknown · Tia Administrator

Name of the Vulnerable Software and Affected Versions: TIA Administrator versions prior to 3.0.6 Description: A vulnerability has been identified in the affected application, where it improperly validates code signing certificates. This could allow an attacker to bypass the check and execute...

CVE-2024-8270 macOS Rocket.Chat: TCC Policy Bypass via Dylib Injection Due to Missing Code Signing Flags and Dangerous Entitlements

The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing Transparency, Consent, and Control TCC policies, enabling the exploitation or abuse of permissions specified in its entitlements e.g., microphone, camera, automation, network client. Since Rocket.Chat was not...

CVE-2024-8270 macOS Rocket.Chat: TCC Policy Bypass via Dylib Injection Due to Missing Code Signing Flags and Dangerous Entitlements

The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing Transparency, Consent, and Control TCC policies, enabling the exploitation or abuse of permissions specified in its entitlements e.g., microphone, camera, automation, network client. Since Rocket.Chat was not...

CVE-2024-8270

The set of documents confirms a macOS Rocket.Chat vulnerability (CVE-2024-8270) where a missing Hardened Runtime and Library Validation enables DYLIB injection, bypassing TCC policies and granting permissions not allowed by default under Sandbox/app profile (e.g., microphone, camera, automation, ...

CVE-2024-7457 macOS Stash network-management utility: Unauthorized Manipulation of System Network Preferences

The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of macOS’s authorization model. Instead of validating the client's authorization reference, the helper invokes AuthorizationCopyRights using its own privileged context root, effectively authorizing itself...

CVE-2025-24109

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data...

CVE-2025-24122

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to modify protected parts of the file system...