34 matches found
EUVD-2020-12339
Malware in sbrugna...
EUVD-2011-0051
Malware in sbrugna...
Citrix Virtual Apps and Desktops 2402 CU2 expired certificate
Citrix Virtual Apps and Desktops CVAD 2402 LTSR Cumulative Update 2 CU2 2402.0.2100 contains installers and binaries signed with a now-expired code signing certificate. File signatures are considered valid if either: A timestamp was included at the time of signing, or The certificate used for...
Moderate: skopeo security and bug fix update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms...
Design/Logic Flaw
In Notion Web Clipper 1.0.37, a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of...
CVE-2021-34420
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer...
CVE-2020-16922
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent...
Security feature bypass
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent...
KB4580346: Windows 10 Version 1607 and Windows Server 2016 October 2020 Security Update
The remote Windows host is missing security update 4580346. It is, therefore, affected by multiple vulnerabilities : - A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and...
KB4580328: Windows 10 Version 1709 October 2020 Security Update
The remote Windows host is missing security update 4580328 or 4577041. It is, therefore, affected by multiple vulnerabilities : - A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security...
Security feature bypass
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent...
CVE-2020-1464
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent...
Windows Spoofing Vulnerability
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent...
PT-2020-3677 · Oracle +1 · Java +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A spoofing vulnerability exists when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files. In an...
The vulnerability of the Image Verification function in the Cisco IOS XE operating system allows a perpetrator to install malware onto a vulnerable device or upload malicious executable files.
The vulnerability of the Image Verification function in the Cisco IOS XE operating system is related to the lack of verification of file signatures during the system’s loading process. Exploiting this vulnerability allows a perpetrator to install malware onto a vulnerable device or load malicious...
The vulnerability of the File Signature Security function in the Windows operating system allows a hacker to circumvent existing security restrictions and introduce malicious code into a CAB file without canceling the file’s signature.
The vulnerability of the File Signature Security function in the Windows operating system is related to errors in checking the signatures of CAB files. Exploiting this vulnerability allows a hacker to bypass existing security restrictions and inject malicious code into CAB files without...
Security feature bypass
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka 'Windows File Signature Security Feature Bypass Vulnerability'...
CVE-2019-1163
Technical details (affected products, components, versions, root cause, impact or fixes) are not publicly provided in the supplied documents. Monitor for updates from official advisories and CVE records.
New Dridex Variant Slips By Anti-Virus Detection
Researchers have spotted a variant of the Dridex banking trojan with new obfuscation capabilities that help it skirt anti-virus detection. While Dridex has been around since 2011, researchers told Threatpost Friday that they recently spotted phishing emails distributing a never-before-seen varian...
CVE-2018-12356
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension script...