CVE-2023-28818

An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application upgrade process included unsigned files that could be exploited and result in a customer installing unauthentic components. A malicious actor could install rogue Collector executable files aptare.jar or...

Design/Logic Flaw

An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application upgrade process included unsigned files that could be exploited and result in a customer installing unauthentic components. A malicious actor could install rogue Collector executable files aptare.jar or...

CVE-2023-28818

CVE-2023-28818 affects Veritas NetBackup IT Analytics 11.x prior to 11.2.0. The upgrade process permits unsigned files, enabling a attacker to install rogue Collector executables (aptare.jar or upgrademanager.zip) on the Portal server, which could be downloaded and installed on collectors, compro...

Veritas Technologies Veritas NetBackup 数据伪造问题漏洞

Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A security vulnerability exists in Veritas Technologies Veritas NetBackup IT Analytics version 11 prior to 11.2.0, which stems from an application upgrade process...

CVE-2023-28818

An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application upgrade process included unsigned files that could be exploited and result in a customer installing unauthentic components. A malicious actor could install rogue Collector executable files aptare.jar or...

CVE-2023-28818

An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application upgrade process included unsigned files that could be exploited and result in a customer installing unauthentic components. A malicious actor could install rogue Collector executable files aptare.jar or...

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD...

Authentication flaw

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD...

CVE-2022-33242 Improper authentication in Qualcomm IPC

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD...

PT-2023-13256 · Qualcomm · Qualcomm Ipc

Name of the Vulnerable Software and Affected Versions: Qualcomm IPC affected versions not specified Description: The issue is related to memory corruption due to improper authentication in Qualcomm IPC while loading unsigned libraries in the audio processing domain. Recommendations: At the moment...

SUSE CVE-2005-4605

The procfs code procmisc.c in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value...

SUSE CVE-2006-0049

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different...

SUSE CVE-2006-1827

Integer signedness error in formatjpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length...

SUSE CVE-2007-1263

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection...

SUSE CVE-2007-1266

Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...

SUSE CVE-2009-3829

Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted erf file, related to an "unsigned integer wrap vulnerability."...

SUSE CVE-2009-4035

The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...

SUSE CVE-2010-2548

IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files...

SUSE CVE-2010-2783

IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services...

SUSE CVE-2011-2993

The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges vi...