Total
501 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23772 | 1 Motorola | 2 Mbts Site Controller, Mbts Site Controller Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device. | |||||
| CVE-2023-23436 | 1 Hihonor | 1 Magic Os | 2024-11-21 | N/A | 7.3 HIGH |
| Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file | |||||
| CVE-2023-23435 | 1 Hihonor | 1 Magic Os | 2024-11-21 | N/A | 4.0 MEDIUM |
| Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file | |||||
| CVE-2023-23433 | 1 Hihonor | 2 Nth-an00, Nth-an00 Firmware | 2024-11-21 | N/A | 4.0 MEDIUM |
| Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file. | |||||
| CVE-2023-23432 | 1 Hihonor | 2 Nth-an00, Nth-an00 Firmware | 2024-11-21 | N/A | 7.3 HIGH |
| Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file. | |||||
| CVE-2023-23431 | 1 Hihonor | 2 Nth-an00, Nth-an00 Firmware | 2024-11-21 | N/A | 7.3 HIGH |
| Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file. | |||||
| CVE-2023-22742 | 1 Libgit2 | 1 Libgit2 | 2024-11-21 | N/A | 5.3 MEDIUM |
| libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2's `git_remote_callbacks` structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Users are encouraged to upgrade to v1.4.5 or v1.5.1. Users unable to upgrade should ensure that all relevant certificates are manually checked. | |||||
| CVE-2023-20266 | 1 Cisco | 3 Emergency Responder, Unified Communications Manager, Unity Connection | 2024-11-21 | N/A | 6.5 MEDIUM |
| A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to elevate privileges to root. To exploit this vulnerability, the attacker must have valid platform administrator credentials on an affected device. | |||||
| CVE-2023-20236 | 1 Cisco | 52 8201, 8202, 8208 and 49 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device. | |||||
| CVE-2023-20135 | 1 Cisco | 1 Ios Xr | 2024-11-21 | N/A | 5.7 MEDIUM |
| A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image. An attacker could exploit this vulnerability by modifying an ISO image and then carrying out install requests in parallel. A successful exploit could allow the attacker to execute arbitrary code on an affected device. | |||||
| CVE-2022-4418 | 2 Acronis, Microsoft | 2 Cyber Protect Home Office, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40208. | |||||
| CVE-2022-46176 | 1 Rust-lang | 1 Cargo | 2024-11-21 | N/A | 5.3 MEDIUM |
| Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned CVE-2022-46176. All Rust versions containing Cargo before 1.66.1 are vulnerable. Note that even if you don't explicitly use SSH for alternate registry indexes or crate dependencies, you might be affected by this vulnerability if you have configured git to replace HTTPS connections to GitHub with SSH (through git's [`url.<base>.insteadOf`][1] setting), as that'd cause you to clone the crates.io index through SSH. Rust 1.66.1 will ensure Cargo checks the SSH host key and abort the connection if the server's public key is not already trusted. We recommend everyone to upgrade as soon as possible. | |||||
| CVE-2022-42010 | 2 Fedoraproject, Freedesktop | 2 Fedora, Dbus | 2024-11-21 | N/A | 6.5 MEDIUM |
| An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. | |||||
| CVE-2022-41669 | 1 Schneider-electric | 2 Ecostruxure Operator Terminal Expert, Pro-face Blue | 2024-11-21 | N/A | 7.0 HIGH |
| A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior). | |||||
| CVE-2022-41666 | 1 Schneider-electric | 2 Ecostruxure Operator Terminal Expert, Pro-face Blue | 2024-11-21 | N/A | 7.0 HIGH |
| A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior). | |||||
| CVE-2022-41340 | 1 Secp256k1-js Project | 1 Secp256k1-js | 2024-11-21 | N/A | 7.5 HIGH |
| The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery. | |||||
| CVE-2022-3864 | 1 Hitachienergy | 6 Relion 650, Relion 650 Firmware, Relion 670 and 3 more | 2024-11-21 | N/A | 4.5 MEDIUM |
| A vulnerability exists in the Relion update package signature validation. A tampered update package could cause the IED to restart. After restart the device is back to normal operation. An attacker could exploit the vulnerability by first gaining access to the system with security privileges and attempt to update the IED with a malicious update package. Successful exploitation of this vulnerability will cause the IED to restart, causing a temporary Denial of Service. | |||||
| CVE-2022-3322 | 1 Cloudflare | 1 Warp Mobile Client | 2024-11-21 | N/A | 6.7 MEDIUM |
| Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action. | |||||
| CVE-2022-39366 | 1 Datahub Project | 1 Datahub | 2024-11-21 | N/A | 9.9 CRITICAL |
| DataHub is an open-source metadata platform. Prior to version 0.8.45, the `StatelessTokenService` of the DataHub metadata service (GMS) does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This vulnerability occurs because the `StatelessTokenService` of the Metadata service uses the `parse` method of `io.jsonwebtoken.JwtParser`, which does not perform a verification of the cryptographic token signature. This means that JWTs are accepted regardless of the used algorithm. This issue may lead to an authentication bypass. Version 0.8.45 contains a patch for the issue. There are no known workarounds. | |||||
| CVE-2022-39300 | 1 Node Saml Project | 1 Node Saml | 2024-11-21 | N/A | 7.7 HIGH |
| node SAML is a SAML 2.0 library based on the SAML implementation of passport-saml. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to node-saml version 4.0.0-beta5 or newer. Disabling SAML authentication may be done as a workaround. | |||||