20 matches found
EUVD-2022-41607
Malicious code in bioql PyPI...
CVE-2022-39060
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEYCURRENTUSER subkey ex: AutoRUN in Registry where malicious scripts can be executed to take control of the system...
CVE-2022-39060
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEYCURRENTUSER subkey ex: AutoRUN in Registry where malicious scripts can be executed to take control of the system...
CVE-2022-39061
ChangingTech MegaServiSignAdapter component has a vulnerability of Out-of-bounds Read due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupts partial services...
CVE-2022-39061
ChangingTech MegaServiSignAdapter component has a vulnerability of Out-of-bounds Read due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupts partial services...
CVE-2022-39059
ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files...
Path traversal
ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files...
Input validation
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEYCURRENTUSER subkey ex: AutoRUN in Registry where malicious scripts can be executed to take control of the system...
Changingtec ServiSign 路径遍历漏洞
Changingtec ServiSign is a system from Changingtec Taiwan, China. The system provides a cross-platform solution for digital signatures and authentication. A path traversal vulnerability exists in the ChangingTech MegaServiSignAdapter, which stems from its file reading feature that allows an...
CVE-2022-39059
CVE-2022-39059 affects ChangingTech MegaServiSignAdapter. The file-reading function has a path traversal vulnerability that can be exploited by an unauthenticated remote attacker to read arbitrary system files. CVSSv3.1 base score 7.5 (HIGH); attack vector NETWORK, complexity LOW, privileges NONE...
CVE-2022-39059 ChangingTec MegaServiSignAdapter - Path Traversal
ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files...
CVE-2022-39060
ChangingTech MegaServiSignAdapter has a vulnerability in improper input validation that can be exploited remotely by an unauthenticated attacker to access and modify the HKEY_CURRENT_USER registry (e.g., AutoRUN). This could allow execution of malicious scripts to take control of the system or te...
CVE-2022-39059 ChangingTec MegaServiSignAdapter - Path Traversal
ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files...
Changingtec ServiSign 输入验证错误漏洞
Changingtec ServiSign is a system from Changingtec Taiwan, China. The system provides a cross-platform solution for digital signatures and authentication. An input validation error vulnerability exists in the ChangingTech MegaServiSignAdapter. The vulnerability stems from the presence of improper...
CVE-2022-39060 ChangingTec MegaServiSignAdapter - Improper Input Validation
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEYCURRENTUSER subkey ex: AutoRUN in Registry where malicious scripts can be executed to take control of the system...
CVE-2022-39061
CVE-2022-39061 affects ChangingTech’s MegaServiSignAdapter. The issue is an Out-of-bounds Read caused by insufficient validation for parameter length, enabling an unauthenticated remote attacker to access partial sensitive content in memory and disrupt partial services. CVSSv3.1 base score is 6.5...
PT-2023-13681 · Changingtec · Megaservisignadapter
Name of the Vulnerable Software and Affected Versions: ChangingTech MegaServiSignAdapter affected versions not specified Description: The issue is related to an Out-of-bounds Read vulnerability due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit thi...
PT-2023-13680 · Changingtec · Changingtech Megaservisignadapter
Name of the Vulnerable Software and Affected Versions: ChangingTech MegaServiSignAdapter affected versions not specified Description: The issue is related to improper input validation in the ChangingTech MegaServiSignAdapter component. An unauthenticated remote attacker can exploit this to access...
CVE-2022-39060 ChangingTec MegaServiSignAdapter - Improper Input Validation
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEYCURRENTUSER subkey ex: AutoRUN in Registry where malicious scripts can be executed to take control of the system...
CVE-2022-39061 ChangingTec MegaServiSignAdapter - Out-of-bounds Read
ChangingTech MegaServiSignAdapter component has a vulnerability of Out-of-bounds Read due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupts partial services...