Total
1114 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-4062 | 2024-11-21 | 2.6 LOW | 3.7 LOW | ||
| A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper certificate validation. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of this vulnerability is VDB-261788. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3738 | 2024-11-21 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This affects the function handlePath of the file /adminPage/conf/saveCmd. The manipulation of the argument nginxPath leads to improper certificate validation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260577 was assigned to this vulnerability. | |||||
| CVE-2024-39698 | 1 Electron | 1 Electron-builder | 2024-11-21 | N/A | 7.5 HIGH |
| electron-updater allows for automatic updates for Electron apps. The file `packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts` implements the signature validation routine for Electron applications on Windows. Because of the surrounding shell, a first pass by `cmd.exe` expands any environment variable found in command-line above. This creates a situation where `verifySignature()` can be tricked into validating the certificate of a different file than the one that was just downloaded. If the step is successful, the malicious update will be executed even if its signature is invalid. This attack assumes a compromised update manifest (server compromise, Man-in-the-Middle attack if fetched over HTTP, Cross-Site Scripting to point the application to a malicious updater server, etc.). The patch is available starting from 6.3.0-alpha.6. | |||||
| CVE-2024-37865 | 1 S3browser | 1 S3 Browser | 2024-11-21 | N/A | 5.9 MEDIUM |
| An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allows a remote attacker to obtain sensitive information via the S3 compatible storage component. | |||||
| CVE-2024-33509 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 4.8 MEDIUM |
| An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions and 6.3 all versions may allow a remote and unauthenticated attacker in a Man-in-the-Middle position to decipher and/or tamper with the communication channel between the device and different endpoints used to fetch data for Web Application Firewall (WAF). | |||||
| CVE-2024-2048 | 2024-11-21 | N/A | 8.1 HIGH | ||
| Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass authentication. Fixed in Vault 1.15.5 and 1.14.10. | |||||
| CVE-2024-29887 | 2024-11-21 | N/A | 7.4 HIGH | ||
| Serverpod is an app and web server, built for the Flutter and Dart ecosystem. This bug bypassed the validation of TSL certificates on all none web HTTP clients in the `serverpod_client` package. Making them susceptible to a man in the middle attack against encrypted traffic between the client device and the server. An attacker would need to be able to intercept the traffic and highjack the connection to the server for this vulnerability to be used. Upgrading to version `1.2.6` resolves this issue. | |||||
| CVE-2024-29072 | 2024-11-21 | N/A | 8.2 HIGH | ||
| A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege. | |||||
| CVE-2024-28162 | 2024-11-21 | N/A | 4.2 MEDIUM | ||
| In Jenkins Delphix Plugin 3.0.1 through 3.1.0 (both inclusive) a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation. | |||||
| CVE-2024-28161 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default. | |||||
| CVE-2024-28067 | 1 Samsung | 2 Exynos Modem 5300, Exynos Modem 5300 Firmware | 2024-11-21 | N/A | 5.3 MEDIUM |
| A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext. | |||||
| CVE-2024-28021 | 1 Hitachienergy | 3 Foxman-un, Foxman Un, Unem | 2024-11-21 | N/A | 7.4 HIGH |
| A vulnerability exists in the FOXMAN-UN/UNEM server that affects the message queueing mechanism’s certificate validation. If exploited an attacker could spoof a trusted entity causing a loss of confidentiality and integrity. | |||||
| CVE-2024-27440 | 2024-11-21 | N/A | 4.8 MEDIUM | ||
| The Toyoko Inn official App for iOS versions prior to 1.13.0 and Toyoko Inn official App for Android versions prior 1.3.14 don't properly verify server certificates, which allows a man-in-the-middle attacker to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2024-25140 | 2 Microsoft, Rustdesk | 2 Windows, Rustdesk | 2024-11-21 | N/A | 9.8 CRITICAL |
| A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of security measures for the private key, and arbitrary software could be signed if the private key were to be compromised. NOTE: the vendor's position is "we do not have EV cert, so we use test cert as a workaround." Insertion into Trusted Root Certification Authorities was the originally intended behavior, and the UI ensured that the certificate installation step (checked by default) was visible to the user before proceeding with the product installation. | |||||
| CVE-2024-25053 | 1 Ibm | 1 Cognos Analytics | 2024-11-21 | N/A | 5.9 MEDIUM |
| IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is vulnerable to improper certificate validation when using the IBM Planning Analytics Data Source Connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between IBM Planning Analytics server and IBM Cognos Analytics server. IBM X-Force ID: 283364. | |||||
| CVE-2024-23273 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2024-11-21 | N/A | 4.3 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication. | |||||
| CVE-2024-20080 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424. | |||||
| CVE-2024-1052 | 1 Hashicorp | 1 Boundary | 2024-11-21 | N/A | 8.0 HIGH |
| Boundary and Boundary Enterprise (“Boundary”) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application. | |||||
| CVE-2024-0853 | 1 Haxx | 1 Curl | 2024-11-21 | N/A | 5.3 MEDIUM |
| curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check. | |||||
| CVE-2023-6680 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A | 7.4 HIGH |
| An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication. Smartcard authentication is an experimental feature and has to be manually enabled by an administrator. | |||||