Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:16 a.m.5 views

CVE-2022-27609

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...

6CVSS6.8AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.14 views

PT-2025-49499

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The encryption algorithms within the kernel’s virt/coco/sev-guest component directly read from and write to shared unencrypted memory. This practice could potentially expose information...

7.8CVSS6.8AI score0.00465EPSS
Exploits2References844
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32110

Malicious code in bioql PyPI...

6CVSS6.2AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-20961

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:50 a.m.5 views

CVE-2023-21414

NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering commonly known as Secure Boot contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AX...

7.1CVSS6.6AI score0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/06 3:41 p.m.11 views

CVE-2023-28806 Signature validation error in DLL allows disabling anti-tampering protection

An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows 4.2.0.190...

5.7CVSS7AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/06 3:41 p.m.14 views

CVE-2023-28806 Signature validation error in DLL allows disabling anti-tampering protection

An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows 4.2.0.190...

5.7CVSS0.00188EPSS
Exploits0References1
CVE
CVE
added 2024/04/30 4:17 p.m.66 views

CVE-2024-23463

CVE-2024-23463 affects Zscaler Client Connector on Windows prior to 4.2.1. The anti-tampering protection can be bypassed when using the Repair App functionality, per connected sources (e.g., PT-2024-19886 and RH/CVE-2024-23463). Root cause is bypass of the built-in tamper protection during Repair...

8.8CVSS6.8AI score0.00371EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.8 views

PT-2024-19886 · Zscaler · Zscaler Client Connector

Name of the Vulnerable Software and Affected Versions: Zscaler Client Connector versions prior to 4.2.1 Description: The anti-tampering protection of the Zscaler Client Connector can be bypassed under certain conditions when running the Repair App functionality. Recommendations: For versions prio...

8.8CVSS6.5AI score0.00371EPSS
Exploits0References7
OSV
OSV
added 2023/11/21 7:15 a.m.5 views

CVE-2023-5553

During internal Axis Security Development Model ASDM threat-modelling, a flaw was found in the protection for device tampering commonly known as Secure Boot in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the...

6.8CVSS5.8AI score0.00332EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/16 12:0 a.m.6 views

PT-2023-18185 · Axis Communications · Axis Os

Name of the Vulnerable Software and Affected Versions: AXIS OS affected versions not specified Description: A flaw has been discovered in the protection for device tampering, commonly known as Secure Boot, which provides an opportunity for a sophisticated attack to bypass this protection. The iss...

7.1CVSS6.8AI score0.00232EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/01/20 11:22 p.m.17 views

CakePHP SecurityComponent cross form submission issue

Prior to versions 2.4.8 and 1.3.18, forms secured by SecurityComponent could be submitted to any action without triggering SecurityComponent’s tampering protection. If an application contained multiple POST forms to manipulate the same models, it could be vulnerable to mass assignment issues...

2.8AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/20 12:0 a.m.2 views

PT-2023-33038 · Unknown · Securitycomponent

Name of the Vulnerable Software and Affected Versions: Software versions prior to 2.4.8 and 1.3.18 Description: The issue allows forms secured by SecurityComponent to be submitted to any action without triggering the tampering protection. This could lead to mass assignment issues in applications...

7.1AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/04/04 8:15 p.m.2 views

CVE-2022-27609

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...

6CVSS5.9AI score0.00197EPSS
Exploits0References2
NVD
NVD
added 2022/04/04 8:15 p.m.19 views

CVE-2022-27609

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...

6CVSS0.00197EPSS
Exploits0References1
Prion
Prion
added 2022/04/04 8:15 p.m.17 views

Design/Logic Flaw

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...

3.6CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/06/12 2:29 p.m.4 views

CVE-2019-1040

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC Message Integrity Check protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit...

5.3CVSS7.1AI score0.48043EPSS
Exploits6References2
OSV
OSV
added 2015/02/11 8:47 p.m.5 views

MGASA-2015-0064 Updated owasp-esapi-java packages fix CVE-2013-5679

Updated owasp-esapi-java packages fix security vulnerability: The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier f...

2.6CVSS6.5AI score0.02426EPSS
Exploits1References3
Rows per page
Query Builder