Total
506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7481 | 2024-09-26 | N/A | 8.8 HIGH | ||
| Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. | |||||
| CVE-2024-45607 | 1 Secreto31126 | 1 Whatsapp-api-js | 2024-09-19 | N/A | 5.3 MEDIUM |
| whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false when the signature is valid. Incorrect Access Control, anyone using the post or verifyRequestSignature methods to handle messages is impacted. This vulnerability is fixed in 4.0.3. | |||||
| CVE-2024-42461 | 1 Elliptic Project | 1 Elliptic | 2024-08-16 | N/A | 9.1 CRITICAL |
| In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. | |||||
| CVE-2024-23456 | 1 Zscaler | 1 Client Connector | 2024-08-07 | N/A | 7.5 HIGH |
| Anti-tampering can be disabled under certain conditions without signature validation. This affects Zscaler Client Connector <4.2.0.190 with anti-tampering enabled. | |||||
| CVE-2023-28806 | 1 Zscaler | 1 Client Connector | 2024-08-07 | N/A | 6.5 MEDIUM |
| An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190. | |||||
| CVE-2024-23460 | 1 Zscaler | 1 Client Connector | 2024-08-07 | N/A | 7.8 HIGH |
| The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2. | |||||