720 matches found
CVE-2018-4009
An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to successfully exploit th...
CVE-2018-4009
The CVE-2018-4009 issue affects Shimo VPN’s helper service on macOS, where privilege escalation is possible due to improper validation of code signing. The Shimo helper signs and launches auxiliary binaries after a basic code-sign check (kSecCSBasicValidateOnly), which does not verify the signing...
CVE-2018-4009
An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to successfully exploit th...
PT-2019-10749 · Feingeist Software Gmbh · Shimo Vpn
Name of the Vulnerable Software and Affected Versions: Shimo VPN affected versions not specified Description: A privilege escalation issue exists due to improper validation of code signing in the Shimo VPN helper service. This allows a user with local access to raise their privileges to root. An...
Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities
Binary data 700510.prm...
SHA-2 Code Sign Support Advisory
Microsoft is announcing the release of SHA-2 code sign support for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2. Please see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS for more information...
SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019
SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019 Notice This security update was released March 12, 2019 for Windows 7 SP1 and Windows Server 2008 R2 SP1. This security update was updated May 14, 2019 to add support for Windows...
Code Injection
openjdk is vulnerable to code injection attacks. The vulnerability exists as jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...
MacOS Process Code Signing: Not Apple
Binary data macoscodesignnotapple.nbin...
MacOS Process Code Signing: Misc
Binary data macoscodedesignmisc.nbin...
MacOS Process Code Signing: Invalid Apple
Binary data macoscodesigninvalidapple.nbin...
MacOS Process Code Signing: Invalid
Binary data macoscodesigninvalid.nbin...
MacOS Process Code Signing: Not Signed
Binary data macoscodesignnotsigned.nbin...
MacOS Process Code Signing: Signed
Binary data macoscodesignsigned.nbin...
CVE-2018-6336
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...
CVE-2018-6336
The CVE-2018-6336 issue affects osquery prior to v3.2.7. A malformed Universal/Fat binary can bypass third-party code-signing checks, causing unsigned code to execute while appearing Apple-signed. This is triggered when a Fat binary’s nested Mach-O binaries aren’t fully inspected, leading third-p...
CVE-2018-6336
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...
CVE-2018-6336
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...
Code injection
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...
CVE-2018-6336
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...