Wd Discovery

wd_discovery

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-29835 1Westerndigital 1Wd Discovery Nov 21, 2024 Sep 19, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An attacker could use this weakness to create forged certificate signatures due to the use of a hashing algorithm that is not col...Show more WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An attacker could use this weakness to create forged certificate signatures due to the use of a hashing algorithm that is not collision-free. This could thereby impact the confidentiality of user content. This issue affects: Western Digital WD Discovery WD Discovery Desktop App versions prior to 4.4.396 on Mac; WD Discovery Desktop App versions prior to 4.4.396 on Windows.Show less
CVE-2020-15816 1Westerndigital 1Wd Discovery Nov 21, 2024 Jul 17, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environ...Show more In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.Show less
CVE-2020-12427 1Westerndigital 1Wd Discovery Nov 21, 2024 May 13, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.