12 matches found
Ivanti Endpoint Manager 数据伪造问题漏洞
Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti USA. A data forgery issue vulnerability exists in versions prior to Ivanti Endpoint Manager 2024 SU4 SR1 that stems from improper cryptographic signature validation and could lead to remote code execution...
Fortinet FortiClient MacOS installer data forgery issue vulnerability
Fortinet FortiClient MacOS installer is a client installer from Fortinet. The Fortinet FortiClient MacOS installer suffers from a data forgery issue vulnerability that stems from improper cryptographic signature validation, which can be exploited by an attacker to cause elevation of privilege for...
EUVD-2019-0760
Malware in sbrugna...
CVE-2025-2866 PDF signature forgery with adbe.pkcs7.sha1 SubFilter
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This...
(Pwn2Own) Samsung Galaxy S24 Smart Switch Agent Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S24. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Smart Switc...
GitHub Enterprise Server 安全漏洞
GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...
Improper Verification Of Cryptographic Signature
Keycloak is vulnerable to an Improper Verification of Cryptographic Signature. The vulnerability is due to incorrect validation logic in the XMLSignatureUtil class, where the SAML signature's scope is determined based on its position in the XML document, rather than using the Reference element th...
CVE-2023-23772
The CVE-2023-23772 issue concerns the Motorola MBTS Site Controller, where firmware update packages are not validated cryptographically. The root cause is lack of firmware update authenticity checks, enabling an authenticated attacker to potentially achieve arbitrary code execution, extract secre...
PT-2023-19195 · Motorola · Motorola Mbts Site Controller
Name of the Vulnerable Software and Affected Versions: Motorola MBTS Site Controller affected versions not specified Description: The Motorola MBTS Site Controller fails to check firmware update authenticity due to a lack of cryptographic signature validation for firmware update packages. This...
CVE-2021-37160
A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation e.g., cryptographic signature validation during a File Upload for a firmware update...
CVE-2021-37160
A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation e.g., cryptographic signature validation during a File Upload for a firmware update...
Idpy Pysaml2 Data Forgery Issue Vulnerability
Idpy Pysaml2 is a Python-based SAML server implementation from the Idpy community. Idpy PySAML2 before 6.5.0 suffers from a data forgery issue vulnerability that stems from a cryptographic signature validation error...