Total
554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-27247 | 1 Zoom | 1 Zoom | 2025-07-31 | N/A | 5.5 MEDIUM |
| Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a privileged user to conduct an escalation of privilege via local access. | |||||
| CVE-2024-24694 | 1 Zoom | 1 Zoom | 2025-07-31 | N/A | 5.9 MEDIUM |
| Improper privilege management in the installer for Zoom Desktop Client for Windows before version 5.17.10 may allow an authenticated user to conduct an escalation of privilege via local access. | |||||
| CVE-2025-54419 | 2025-07-29 | N/A | 10.0 CRITICAL | ||
| A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details within a valid SAML assertion. For example, in one attack it is possible to remove any character from the SAML assertion username. To conduct the attack an attacker would need a validly signed document from the identity provider (IdP). This is fixed in version 5.1.0. | |||||
| CVE-2025-20206 | 2 Cisco, Microsoft | 2 Secure Client, Windows | 2025-07-22 | N/A | 7.1 HIGH |
| A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to a specific Cisco Secure Client process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid user credentials on the Windows system. | |||||
| CVE-2025-20143 | 1 Cisco | 1 Ios Xr | 2025-07-22 | N/A | 6.7 MEDIUM |
| A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device. This vulnerability is due to insufficient verification of modules in the software load process. An attacker could exploit this vulnerability by manipulating the loaded binaries to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system. Note: This vulnerability affects Cisco IOS XR Software, not the Secure Boot feature. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | |||||
| CVE-2024-49393 | 3 Mutt, Neomutt, Redhat | 3 Mutt, Neomutt, Enterprise Linux | 2025-07-16 | N/A | 6.5 MEDIUM |
| In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality. | |||||
| CVE-2024-13172 | 1 Ivanti | 1 Endpoint Manager | 2025-07-11 | N/A | 7.8 HIGH |
| Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to achieve remote code execution. Local user interaction is required. | |||||
| CVE-2025-2763 | 1 Carlinkit | 2 Autokit, Cpc200-ccpa | 2025-07-11 | N/A | 6.8 MEDIUM |
| CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of update packages on USB drives. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24356. | |||||
| CVE-2025-2764 | 1 Carlinkit | 2 Autokit, Cpc200-ccpa | 2025-07-11 | N/A | 8.0 HIGH |
| CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of update packages provided to update.cgi. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24355. | |||||
| CVE-2025-33069 | 1 Microsoft | 2 Windows 11 24h2, Windows Server 2025 | 2025-07-10 | N/A | 5.1 MEDIUM |
| Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. | |||||
| CVE-2024-49365 | 2025-07-03 | N/A | N/A | ||
| tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a malicious JSON-stringifyable message can be made passing on verify(), when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. Buffer.isBuffer check can be bypassed, resulting in strange objects being accepted as a message, and those messages could trick verify() into returning false-positive true values. This issue has been patched in version 1.1.7. | |||||
| CVE-2025-24043 | 1 Microsoft | 1 Windbg | 2025-07-03 | N/A | 7.5 HIGH |
| Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network. | |||||
| CVE-2024-36347 | 2025-06-30 | N/A | 6.4 MEDIUM | ||
| Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment. | |||||
| CVE-2025-52556 | 2025-06-23 | N/A | N/A | ||
| rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to version 1.0.3, there is a flaw in the timestamp response signature verification logic. In particular, chain verification is performed against the TSR's embedded certificates up to the trusted root(s), but fails to verify the TSR's own signature against the timestamping leaf certificates. Consequently, vulnerable versions perform insufficient signature validation to properly consider a TSR verified, as the attacker can introduce any TSR signature so long as the embedded leaf chains up to some root TSA. This issue has been patched in version 1.0.3. There is no workaround for this issue. | |||||
| CVE-2023-25718 | 1 Connectwise | 1 Control | 2025-06-19 | N/A | 9.8 CRITICAL |
| In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It is plausible that the end user may allow the download and execution of this file to proceed. There are ConnectWise Control configuration options that add mitigations. | |||||
| CVE-2023-44077 | 2 Apple, Studionetworksolutions | 2 Macos, Sharebrowser | 2025-06-17 | N/A | 9.8 CRITICAL |
| Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636. | |||||
| CVE-2022-42010 | 2 Fedoraproject, Freedesktop | 2 Fedora, Dbus | 2025-06-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. | |||||
| CVE-2025-24015 | 1 Deno | 1 Deno | 2025-06-09 | N/A | 5.3 MEDIUM |
| Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions 1.46.0 through 2.1.6 have an issue that affects AES-256-GCM and AES-128-GCM in Deno in which the authentication tag is not being validated. This means tampered ciphertexts or incorrect keys might not be detected, which breaks the guarantees expected from AES-GCM. Older versions of Deno correctly threw errors in such cases, as does Node.js. Without authentication tag verification, AES-GCM degrades to essentially CTR mode, removing integrity protection. Authenticated data set with set_aad is also affected, as it is incorporated into the GCM hash (ghash) but this too is not validated, rendering AAD checks ineffective. Version 2.1.7 includes a patch that addresses this issue. | |||||
| CVE-2016-20021 | 1 Gentoo | 1 Portage | 2025-06-03 | N/A | 9.8 CRITICAL |
| In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable. | |||||
| CVE-2025-29915 | 1 Oisf | 1 Suricata | 2025-05-29 | N/A | 7.5 HIGH |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is based on the network interface MTU which leads to Suricata seeing truncated packets. Upgrade to Suricata 7.0.9, which uses better defaults and adds warnings for user configurations that may lead to issues. | |||||