CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1721
https://notcve.org/view.php?id=CVE-2024-1721
21 May 2024 — Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows allows Malicious Software Update.This issue affects HYPR Passwordless: before 9.1. La verificación incorrecta de la vulnerabilidad de la firma criptográfica en HYPR Passwordless en Windows permite una actualización de software malicioso. Este problema afecta a HYPR Passwordless: versiones anteriores a 9.1. • https://www.hypr.com/trust-center/security-advisories • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0068
https://notcve.org/view.php?id=CVE-2024-0068
29 Feb 2024 — Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1. La vulnerabilidad de resolución de enlace incorrecta antes del acceso a archivos ("siguiente enlace") en HYPR Workforce Access en MacOS permite la manipulación de archivos. Este problema afecta a Workforce Access: versiones anteriores a 8.7.1. • https://www.hypr.com/trust-center/security-advisories • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6336
https://notcve.org/view.php?id=CVE-2023-6336
16 Jan 2024 — Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. La vulnerabilidad de resolución de enlace incorrecta antes del acceso al archivo ("Link Following") en HYPR Workforce Access en MacOS permite el nombre de archivo controlado por el usuario. Este problema afecta a Workforce Access: antes de 8.7. • https://www.hypr.com/security-advisories • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6335
https://notcve.org/view.php?id=CVE-2023-6335
16 Jan 2024 — Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. La vulnerabilidad de resolución de enlace incorrecta antes del acceso al archivo ("Link Following") en HYPR Workforce Access en Windows permite el nombre de archivo controlado por el usuario. Este problema afecta a Workforce Access: antes de 8.7. • https://www.hypr.com/security-advisories • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6334
https://notcve.org/view.php?id=CVE-2023-6334
16 Jan 2024 — Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. Vulnerabilidad de restricción inadecuada de operaciones dentro de los límites en búfer de memoria en HYPR Workforce Access en Windows permite desbordamiento de búferes. Este problema afecta a Workforce Access: versiones anteriores a 8.7. • https://www.hypr.com/security-advisories • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-5097
https://notcve.org/view.php?id=CVE-2023-5097
16 Jan 2024 — Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7. La vulnerabilidad de validación de entrada incorrecta en HYPR Workforce Access en Windows permite path traversal. Este problema afecta a Workforce Access: versiones anteriores a 8.7. • https://www.hypr.com/security-advisories • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1837
https://notcve.org/view.php?id=CVE-2023-1837
23 May 2023 — Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs) • https://www.hypr.com/security-advisories • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1477
https://notcve.org/view.php?id=CVE-2023-1477
28 Apr 2023 — Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3. • https://www.hypr.com/security-advisories • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-0834
https://notcve.org/view.php?id=CVE-2023-0834
28 Apr 2023 — Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1. • https://www.hypr.com/security-advisories • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3258
https://notcve.org/view.php?id=CVE-2022-3258
03 Nov 2022 — Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on Windows allows Authentication Abuse. Una vulnerabilidad de Asignación Incorrecta de Permisos para Recursos Críticos en HYPR Workforce Access en Windows permite un Abuso de la Autenticación. • https://www.hypr.com/security-advisories • CWE-732: Incorrect Permission Assignment for Critical Resource •