Lucene search
K

53 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3143

Malware in sbrugna...

6.1CVSS6.4AI score0.01458EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-9542

Malware in sbrugna...

7.3CVSS7.4AI score0.00481EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:54 a.m.7 views

CVE-2023-24069

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...

3.3CVSS6.2AI score0.0086EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:56 a.m.6 views

CVE-2023-24068

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into...

7.8CVSS6.6AI score0.00372EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.5 views

CVE-2019-19954

Signal Desktop before 1.29.1 on Windows allows local users to gain privileges by creating a Trojan horse %SYSTEMDRIVE%\nodemodules\.bin\wmic.exe file...

7.3CVSS6.9AI score0.00481EPSS
Exploits1References1
NVD
NVD
added 2023/01/23 7:15 a.m.11 views

CVE-2023-24069

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...

3.3CVSS3.6AI score0.0086EPSS
Exploits2References4
OSV
OSV
added 2023/01/23 7:15 a.m.6 views

CVE-2023-24069

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...

3.3CVSS7.2AI score0.0086EPSS
Exploits2References4
OSV
OSV
added 2023/01/23 7:15 a.m.6 views

CVE-2023-24068

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into...

7.8CVSS7.3AI score0.0086EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2023/01/23 7:15 a.m.4 views

CVE-2023-24068

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into...

7.8CVSS6AI score0.0086EPSS
Exploits2References5
NVD
NVD
added 2023/01/23 7:15 a.m.13 views

CVE-2023-24068

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into...

7.8CVSS7.4AI score0.00372EPSS
Exploits1References4
Prion
Prion
added 2023/01/23 7:15 a.m.15 views

Arbitrary file deletion

DISPUTED Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an...

1.7CVSS3.8AI score0.0086EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2023/01/23 7:15 a.m.16 views

Directory traversal

DISPUTED Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code...

4.3CVSS7.3AI score0.0086EPSS
Exploits2References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/23 12:0 a.m.9 views

CVE-2023-24068

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into...

6.9AI score0.00372EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/01/23 12:0 a.m.36 views

CVE-2023-24068

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to modify conversation attachments within the attachments.noindex directory. Client mechanisms fail to validate modifications of existing cached files, resulting in an attacker's ability to insert malicious code into...

7.6AI score0.00372EPSS
Exploits1References4
CVE
CVE
added 2023/01/23 12:0 a.m.55 views

CVE-2023-24069

Signal Desktop before 6.2.0 (Windows/Linux/macOS) is affected by CVE-2023-24069 and CVE-2023-24068, with confirmed details in Red Hat advisories and NVD/osv entries. The issue centers on attachments.noindex: attackers with local filesystem access can access potentially sensitive attachments store...

3.3CVSS3.8AI score0.0086EPSS
Exploits2References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/23 12:0 a.m.13 views

CVE-2023-24069

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...

6.3AI score0.0086EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2023/01/23 12:0 a.m.3 views

PT-2023-19386 · Signal · Signal Desktop +1

Name of the Vulnerable Software and Affected Versions: Signal Desktop versions prior to 6.2.0 Description: The issue allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some case...

7.8CVSS6.9AI score0.0086EPSS
Exploits2References20
CVE
CVE
added 2023/01/23 12:0 a.m.62 views

CVE-2023-24068

Signal Desktop prior to 6.2.0 on Windows, Linux, and macOS is affected by a vulnerability where attachments stored in the attachments.noindex directory can be modified by an attacker. The flaw arises from insufficient validation of modifications to cached files, enabling an attacker to insert mal...

7.8CVSS7.3AI score0.00372EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2023/01/23 12:0 a.m.13 views

CVE-2023-24069

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...

3.9AI score0.0086EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/01/23 12:0 a.m.5 views

Signal Desktop 安全漏洞

Signal Desktop is a desktop version of a live chat application with encryption. A security vulnerability exists in Signal Desktop versions prior to 6.2.0. An attacker can exploit the vulnerability to obtain sensitive attachments in the attachments.noindex directory...

3.3CVSS5.9AI score0.0086EPSS
Exploits2References5
Rows per page
Query Builder