33 matches found
EUVD-2023-46431
Malicious code in bioql PyPI...
EUVD-2023-46428
Malicious code in bioql PyPI...
EUVD-2023-46432
Malicious code in bioql PyPI...
EUVD-2024-20980
Malicious code in bioql PyPI...
CVE-2023-41972
In some rare cases, there is a password type validation missing in Revert Password check and for some features it could be disabled. Fixed Version: Win ZApp 4.3.0.121 and later...
CVE-2023-41973
ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager constructs the path and appends previousInstallerName to get the full path of the exe. Fixed Version: Win ZApp 4.3.0.121 and later...
CVE-2024-23482
The ZScaler service is susceptible to a local privilege escalation vulnerability found in the ZScalerService process. Fixed Version: Mac ZApp 4.2.0.241 and later...
CVE-2024-23482
The ZScaler service is susceptible to a local privilege escalation vulnerability found in the ZScalerService process. Fixed Version: Mac ZApp 4.2.0.241 and later...
CVE-2024-23482
The ZScaler service is susceptible to a local privilege escalation vulnerability found in the ZScalerService process. Fixed Version: Mac ZApp 4.2.0.241 and later...
CVE-2023-41973
ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager constructs the path and appends previousInstallerName to get the full path of the exe. Fixed Version: Win ZApp 4.3.0.121 and later...
CVE-2023-41969
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivileged end user access and modification. Fixed version: Win ZApp 4.3.0 and later...
CVE-2023-41972
In some rare cases, there is a password type validation missing in Revert Password check and for some features it could be disabled. Fixed Version: Win ZApp 4.3.0.121 and later...
CVE-2023-41969
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivileged end user access and modification. Fixed version: Win ZApp 4.3.0 and later...
CVE-2023-41972
In some rare cases, there is a password type validation missing in Revert Password check and for some features it could be disabled. Fixed Version: Win ZApp 4.3.0.121 and later...
CVE-2023-41973
ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager constructs the path and appends previousInstallerName to get the full path of the exe. Fixed Version: Win ZApp 4.3.0.121 and later...
CVE-2024-23482 ZScalerService Local Privilege Escalation
The ZScaler service is susceptible to a local privilege escalation vulnerability found in the ZScalerService process. Fixed Version: Mac ZApp 4.2.0.241 and later...
CVE-2024-23482
CVE-2024-23482 describes a local privilege escalation in the ZScalerService process of Zscaler Client Connector for macOS. Affected: Zscaler Mac ZApp versions prior to 4.2.0.241. Root cause: local privilege escalation in ZScalerService. Impact is high for confidentiality, integrity, and availabil...
CVE-2024-23482 ZScalerService Local Privilege Escalation
The ZScaler service is susceptible to a local privilege escalation vulnerability found in the ZScalerService process. Fixed Version: Mac ZApp 4.2.0.241 and later...
CVE-2023-41973 Lack of input santization on Zscaler Client Connector enables arbitrary code execution
ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager constructs the path and appends previousInstallerName to get the full path of the exe. Fixed Version: Win ZApp 4.3.0.121 and later...
CVE-2023-41973
The CVE-2023-41973 affects Zscaler Client Connector (ZSATray) on Windows, where a config parameter previousInstallerName is passed to TrayManager. TrayManager then constructs a path by appending this value, enabling a potential path construction/assembly issue that can lead to executing a crafted...