Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2023/07/11 12:0 a.m.3 views

Microsoft Windows Authenticode 安全漏洞

Microsoft Windows Authenticode is a code-signing technology from Microsoft Corporation USA that identifies the publisher of Authenticode-signed software. A security vulnerability exists in Microsoft Windows Authenticode. An attacker exploits this vulnerability to perform spoofing attacks...

5.3CVSS6.8AI score0.00572EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalogadded 2022/01/10 12:0 a.m.70 views

Microsoft WinVerifyTrust function Remote Code Execution

A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files...

8.8CVSS3.5AI score0.76161EPSS
In wildExploits1
OSV
OSVadded 2021/09/15 12:15 p.m.0 views

CVE-2021-36959

Windows Authenticode Spoofing Vulnerability...

5.5CVSS7.1AI score0.02523EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2013/12/11 12:0 a.m.226 views

KB2915720: Changes in Windows Authenticode Signature Verification

The remote Windows host has not enabled the Windows Authenticode signature verification certificate padding check. This means extraneous information can be included in signed binaries. Note that Microsoft announced on July 29, 2014, that it no longer plans to enforce the stricter signature...

5.5AI score
Exploits0References1
OpenVAS
OpenVASadded 2012/04/11 12:0 a.m.43 views

Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)

This host is missing a critical security update according to Microsoft Bulletin MS12-024. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5.5AI score0.8901EPSS
Exploits1References5
securityvulns
securityvulnsadded 2010/04/15 12:0 a.m.56 views

Microsoft Security Bulletin MS10-019 - Critical Vulnerabilities in Windows Could Allow Remote Code Execution (981210)

Microsoft Security Bulletin MS10-019 - Critical Vulnerabilities in Windows Could Allow Remote Code Execution 981210 Published: April 13, 2010 | Updated: April 14, 2010 Version: 1.1 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Window...

9.3CVSS1.8AI score0.34784EPSS
Exploits2
seebug.org
seebug.orgadded 2010/04/14 12:0 a.m.35 views

Microsoft Windows Authenticode Signature Verification远程代码执行漏洞(MS10-019)

BUGTRAQ ID: 39328 CVE ID: CVE-2010-0486 Windows Authenticode Signature Verification功能也称为WinVerifyTrust,用于对指定的对象执行信任验证操作。 Windows Authenticode Signature Verification功能在处理PE和cabinet文件格式的某些文件digest字段时存在错误。匿名攻击者可以通过修改已有的签名可执行文件以篡改签名文件的未验证部分来利用此漏洞,从而无需使签名失效便向文件添加恶意代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft...

9.3CVSS6.9AI score0.34784EPSS
Exploits1
Positive Technologies
Positive Technologiesadded 2010/04/14 12:0 a.m.2 views

PT-2010-2248 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the improper use of unspecified fields in a file digest by the Authenticode Signature verification functionality, allowing remote attackers to execute...

9.3CVSS7.5AI score0.33752EPSS
Exploits1References6
Rows per page
Query Builder