Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-20962

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00431EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32442

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00342EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 7:36 a.m.8 views

CVE-2024-23464

In certain cases, Zscaler Internet Access ZIA can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows 4.2.1...

7.2CVSS7.2AI score0.00431EPSS
Exploits0References1
OSV
OSV
added 2024/08/06 4:15 p.m.4 views

CVE-2024-23464

In certain cases, Zscaler Internet Access ZIA can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows 4.2.1...

4.9CVSS5.8AI score0.00431EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/02/27 12:0 a.m.7 views

The vulnerability of the Zscaler Internet Access (ZIA) domain detection module allows a hacker to execute a “man-in-the-middle” attack.

The vulnerability of the Zscaler Internet Access ZIA domain detection module is related to errors in the certificate validation process. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack...

7.8CVSS7.4AI score0.00342EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/01/31 8:15 p.m.6 views

CVE-2023-28807

In Zscaler Internet Access ZIA a mismatch between Connect Host and Client Hello's Server Name Indication SNI enables attackers to evade network security controls by hiding their communications within legitimate traffic...

7.5CVSS5.8AI score0.00342EPSS
Exploits0References2
Prion
Prion
added 2024/01/31 8:15 p.m.13 views

Code injection

In Zscaler Internet Access ZIA a mismatch between Connect Host and Client Hello's Server Name Indication SNI enables attackers to evade network security controls by hiding their communications within legitimate traffic...

5CVSS7.2AI score0.00342EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/31 7:16 p.m.16 views

CVE-2023-28807 Bypass of ZIA domain fronting detection module through evasion technique

In Zscaler Internet Access ZIA a mismatch between Connect Host and Client Hello's Server Name Indication SNI enables attackers to evade network security controls by hiding their communications within legitimate traffic...

5.1CVSS7.2AI score0.00342EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/31 7:16 p.m.25 views

CVE-2023-28807 Bypass of ZIA domain fronting detection module through evasion technique

In Zscaler Internet Access ZIA a mismatch between Connect Host and Client Hello's Server Name Indication SNI enables attackers to evade network security controls by hiding their communications within legitimate traffic...

5.1CVSS7.7AI score0.00342EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/31 12:0 a.m.5 views

Zscaler Internet Access 安全漏洞

Zscaler Internet Access is a cloud-native Security Service Edge SSE solution from Zscaler. Zscaler Internet Access suffers from a security vulnerability that stems from a mismatch between server name indications, which allows an attacker to hide their communications from legitimate traffic to eva...

7.5CVSS7.1AI score0.00342EPSS
Exploits0References3
OSV
OSV
added 2023/11/21 11:15 a.m.5 views

CVE-2023-28802

An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. This issue affects Client Connector: before 4.2.0.149...

5.4CVSS5.8AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/21 12:0 a.m.5 views

Zscaler Client Connector Security Vulnerability

Zscaler Client Connector is an application from zscaler. An application installed on a device that ensures that Internet traffic and access to an organization's internal applications are secure and in compliance with the organization's policies, even when not on the corporate network. A security...

5.4CVSS6.5AI score0.00227EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/21 12:0 a.m.6 views

PT-2023-21978

Name of the Vulnerable Software and Affected Versions Zscaler Client Connector versions prior to 4.2.0.149 Description An issue with improper validation of integrity check values in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service...

5.4CVSS5.5AI score0.00227EPSS
Exploits0References6
Rows per page
Query Builder