14 matches found
EUVD-2026-17484
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...
EUVD-2026-5109
It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...
CVE-2025-14979
AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...
PT-2026-1436
Name of the Vulnerable Software and Affected Versions AirVPN Eddie version 2.24.6 Description The software contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root. Recommendations Update to a newer version that contains a fix for this...
PT-2025-50950
Name of the Vulnerable Software and Affected Versions BuhoNTFS version 1.3.2 Description BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions. The issue stems from vulnerabilities within the XPC service, enabli...
PT-2025-40612
Name of the Vulnerable Software and Affected Versions MacForge version 1.2.0 Beta 1 Description The software contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root. Recommendations At the moment, there is no information about a newer version th...
PT-2024-30811 · Jamf · Jamf Compliance Editor
Name of the Vulnerable Software and Affected Versions: Jamf Compliance Editor versions prior to 1.3.1 Description: The issue concerns a local privilege escalation in the XPC service within the audit functionality of Jamf Compliance Editor on macOS. Recommendations: For versions prior to 1.3.1,...
Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2018-13360)
Microsoft Windows Server 2012 R2, etc. are a series of operating systems released by Microsoft Corporation in the U.S. The Windows Kernel API is one of the kernel APIs application program interfaces. There is a vulnerability in the way the Windows Kernel API executes privileges in Microsoft...
Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2018-13328)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Microsoft Windows 10 is a set of operating systems for personal computers.Windows Server 2016 is a set of server operating systems. A local elevation of privilege vulnerability exists i...
Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2018-10982)
Microsoft Windows is a set of operating systems developed by Microsoft Corporation in the U.S. Windows uses a graphical mode GUI. An elevation of privilege vulnerability exists in the way the Microsoft Windows Kernel API executes privileges. An attacker could use this vulnerability to emulate a...
Microsoft Windows Kernel Elevation of Privilege Vulnerability (CNVD-2018-00516)
Microsoft Windows 7 SP1 and others are products of Microsoft Corporation in the United States. Microsoft Windows 7 SP1 is an operating system for personal computers; Windows Server 2008 SP2 is a server operating system. kernel is a kernel used in it. An elevation of privilege vulnerability exists...
Microsoft Windows Kernel API Elevation of Privilege Vulnerability
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. The Kernel API is one of the kernel APIs. An elevation of privilege vulnerability exists in the Kernel API in Microsoft Windows. An attacker can exploit this vulnerability by impersonating a process...
Microsoft Windows Kernel Elevation of Privilege Vulnerability (CNVD-2016-07613)
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. An elevation of privilege vulnerability exists in the Microsoft Windows kernel. When the kernel API executes privileges, an attacker can exploit the vulnerabili...
Apple MAC OS X Yosemite XPC Message Handling Type Obfuscation Vulnerability
Apple MAC OS X Yosemite is the latest operating system developed by Apple. Apple MAC OS X Yosemite Handling of coresymbolicationd Handling of XPC messages suffers from a type obfuscation vulnerability that allows an attacker to construct a malicious application and trick a user into parsing it,...