Lucene search
K

8 matches found

NVD
NVD
added 2024/02/06 9:15 a.m.38 views

CVE-2024-25140

A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing 1.3.6.1.5.5.7.3.3, valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...

9.8CVSS9.6AI score0.00509EPSS
Exploits1References3
OSV
OSV
added 2024/02/06 9:15 a.m.9 views

CVE-2024-25140

A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing 1.3.6.1.5.5.7.3.3, valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...

9.8CVSS7.2AI score
Exploits0References3
CVE
CVE
added 2024/02/06 12:0 a.m.211 views

CVE-2024-25140

CVE-2024-25140 affects RustDesk 1.2.3 on Windows. A default install places a WDKTestCert in Trusted Root Certification Authorities with EKU Code Signing (1.3.6.1.5.5.7.3.3), valid 2023–2033. This was intended behavior per vendor note, using a test certificate due to lack of EV cert, raising conce...

9.8CVSS9.4AI score0.00509EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2017/11/10 2:29 a.m.14 views

CVE-2017-9758

Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion."...

7.4CVSS7.5AI score0.01458EPSS
Exploits1References4
Prion
Prion
added 2017/11/10 2:29 a.m.11 views

Session fixation

Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion."...

5.8CVSS7.1AI score0.01458EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2017/11/09 7:0 p.m.21 views

CVE-2017-9758

Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion."...

7.5AI score0.01458EPSS
Exploits1References4
Cvelist
Cvelist
added 2012/11/14 11:0 a.m.20 views

CVE-2012-4948

The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the...

6.3AI score0.00336EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/12/28 12:0 a.m.35 views

Full Disclosure: Windows File Protection Arbitrary Certificate Chain Vulnerability

============================================================================ == SECURITY ALERT Windows File Protection Arbitrary Certificate Chain Vulnerability December 26, 2002 Full Disclosure, [email protected] and others December 24, 2002 Private Disclosure Jason Coombs [email protected]...

0.1AI score
Exploits0
Rows per page
Query Builder