CVE-2024-38642

LOW Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-295
View all →

Vulnerability Description

An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors. We have already fixed the vulnerability in the following version: QuMagie 2.3.1 and later

Related Vulnerabilities

CVE-2018-10403

HIGH
CVSS:7.8(High)

An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/...

CWE-2952018

CVE-2018-10404

HIGH
CVSS:7.8(High)

An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and procInfo. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not compl...

CWE-2952018

CVE-2018-10405

HIGH
CVSS:7.8(High)

An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal...

CWE-2952018

CVE-2018-10406

HIGH
CVSS:7.8(High)

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the u...

CWE-2952018

CVE-2018-10408

HIGH
CVSS:7.8(High)

An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of ...

CWE-2952018

CVE-2020-8289

HIGH
CVSS:7.8(High)

Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where v...

CWE-2952020