956 matches found

OSV
added 2024/02/06 9:15 a.m. | 6 views

CVE-2024-25140

A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...

CVSS 9.8 | AI score 7.2
Exploits: 0 | References: 3

Vulnrichment
added 2024/02/06 12:0 a.m. | 12 views

CVE-2024-25140

A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...

AI score 7.2 | EPSS 0.00509
Exploits: 1 | References: 3

CVE
added 2024/02/06 12:0 a.m. | 205 views

CVE-2024-25140

CVE-2024-25140 affects RustDesk 1.2.3 on Windows. A default install places a WDKTestCert in Trusted Root Certification Authorities with EKU Code Signing (1.3.6.1.5.5.7.3.3), valid 2023–2033. This was intended behavior per vendor note, using a test certificate due to lack of EV cert, raising conce...

CVSS 9.8 | AI score 9.4 | EPSS 0.00509
Exploits: 1 | References: 3 | Affected Software: 1

GitLab Advisory Database
added 2024/01/29 12:0 a.m. | 24 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Nginx-UI is a web interface to manage Nginx configurations. The Import Certificate feature allows arbitrary write into the system. The feature does not check if the provided user input is a certification/key and allows to write into arbitrary paths in the system. It's possible to leverage the...

CVSS 9.8 | AI score 8.1 | EPSS 0.00699
Exploits: 0 | References: 6 | Affected Software: 1

CloudLinux
added 2024/01/22 5:45 p.m. | 15 views

Update of ca-certificates

update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...

AI score 7.3
Exploits: 0

The Hacker News
added 2023/12/29 1:57 p.m. | 34 views

Albanian Parliament and One Albania Telecom Hit by Cyber Attacks

The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country's National Authority for Electronic Certification and Cyber Security (AKCESK) revealed this week. "These infrastructures, under the legislation in force, are not currently...

AI score 7.2
Exploits: 0

Prion
added 2023/12/19 3:15 p.m. | 22 views

Design/Logic Flaw

A vulnerability exists in the component RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a Certification Authority (CA), allowing the client to validate th...

CVSS 5 | AI score 6.7 | EPSS 0.00316
Exploits: 1 | References: 1 | Affected Software: 1

CNNVD
added 2023/12/15 12:0 a.m. | 2 views

TAIWAN-CA(TWCA) JCICSecurityTool Input Validation Error Vulnerability

TAIWAN-CA(TWCA) JCICSecurityTool is an application from Taiwan Web Certification (TWCA). An input validation error vulnerability exists in TAIWAN-CA(TWCA) JCICSecurityTool version v4.2.3.32, which stems from insufficient filtering of special characters in registry-related functions, and can be exploite...

CVSS 8.8 | AI score 6.2 | EPSS 0.0103
Exploits: 0 | References: 2

OpenVAS
added 2023/11/30 12:0 a.m. | 27 views

Ubuntu: Security Advisory (USN-6527-1)

The remote host is missing an update for the...

CVSS 5.3 | AI score 6.2 | EPSS 0.01412
Exploits: 0 | References: 2

Ubuntu
added 2023/11/29 11:0 p.m. | 62 views

USN-6528-1: OpenJDK 8 vulnerabilities

It was discovered that the HotSpot VM implementation in OpenJDK did not properly validate bytecode blocks in certain situations. An attacker could possibly use this to cause a denial of service. CVE-2022-40433 Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support...

CVSS 5.3 | AI score 6.4 | EPSS 0.01412
Exploits: 0

Ubuntu
added 2023/11/29 9:56 p.m. | 58 views

USN-6527-1: OpenJDK vulnerabilities

Carter Kozak discovered that OpenJDK, when compiling with AVX-512 instruction support enabled, could produce code that resulted in memory corruption in certain situations. An attacker targeting applications built in this way could possibly use this to cause a denial of service or execute arbitrar...

CVSS 5.3 | AI score 6.4 | EPSS 0.01412
Exploits: 0

Fedora
added 2023/11/29 1:29 a.m. | 26 views

[SECURITY] Fedora 38 Update: openvpn-2.6.8-1.fc38

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

CVSS 9.8 | AI score 7.3 | EPSS 0.01982
Exploits: 0

Citrix
added 2023/11/29 12:0 a.m. | 15 views

How to update vCenter Server certification in Citrix environments

Outlines the steps of how to update vCenter Server certification in on-premises and Cloud DaaS Citrix environments...

AI score 7
Exploits: 0

Fedora
added 2023/11/23 1:25 a.m. | 25 views

[SECURITY] Fedora 39 Update: openvpn-2.6.8-1.fc39

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

CVSS 9.8 | AI score 7.5 | EPSS 0.01982
Exploits: 0

SUSE CVE
added 2023/10/31 2:27 a.m. | 2 views

SUSE CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...

CVSS 7.8 | AI score 6.5 | EPSS 0.00183
Exploits: 0 | References: 2

OSV
added 2023/09/28 8:32 a.m. | 6 views

SUSE-SU-2023:3857-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2018-9234: Fixed unenforced configuration allows for apparently valid certifications actually signed by signing subkeys (bsc#1088255)...

CVSS 7.5 | AI score 7.5 | EPSS 0.02082
Exploits: 0 | References: 3

Malwarebytes
added 2023/09/14 9:0 a.m. | 12 views

Malwarebytes wins every Q2 MRG Effitas award & scores 100% on new phishing test

MRG Effitas, a world leader in independent IT research, published their anti-malware efficacy assessment results for Q2 2023. Malwarebytes Endpoint Protection (EP) achieved the highest possible score (100%) and received certifications for Level 1, Exploit, Online Banking, and Ransomware. These result...

AI score 6.6
Exploits: 0

NVD
added 2023/09/13 4:15 p.m. | 21 views

CVE-2023-4801

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to...

CVSS 7.5 | AI score 7.4 | EPSS 0.00223
Exploits: 0 | References: 2

Prion
added 2023/09/13 4:15 p.m. | 16 views

Input validation

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to...

CVSS 4.3 | AI score 7.4 | EPSS 0.00223
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2023/09/13 3:14 p.m. | 10 views

CVE-2023-4801 ITM MacOS Agent Improper Certificate Validation

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to...

CVSS 7.5 | AI score 6.7 | EPSS 0.00223
Exploits: 0 | References: 1