CVE-2018-4043

An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful...

CVE-2018-4044

CVE-2018-4044 affects Clean My Mac X, version 4.04. The vulnerability exists in the helper protocol’s removePackageWithID function, where calling applications can pass the privileged command via an unvalidated path. Attackers with local access could exploit this to delete package receipts using t...

CVE-2018-4033

The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root...

CVE-2018-4047

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

MacPaw CleanMyMac X Input Validation Vulnerability (CNVD-2019-23281)

MacPaw CleanMyMac X is a cleaning tool dedicated to the macOS platform. The product is capable of removing junk files, history cache, logs, etc. from your computer. An input validation vulnerability exists in MacPaw CleanMyMac X version 4.04, which can be exploited by a local attacker to modify t...

MacPaw CleanMyMac X Elevation of Privilege Vulnerability

MacPaw CleanMyMac X is a cleaning tool dedicated to the macOS platform from MacPaw USA. The product is capable of removing junk files, history cache, logs, etc. from your computer. An input validation vulnerability exists in MacPaw CleanMyMac X version 4.04. A local attacker can exploit the...

Lenovo XClarity Integrator Vulnerabilities - US

Lenovo Security Advisory: LEN-23800 Potential Impact: Privilege escalation, information disclosure, file system modification Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9072, CVE-2018-16093, CVE-2018-16097 Summary Description: In a recent internal audit, Lenovo...

Lenovo XClarity Integrator Vulnerabilities - Lenovo Support US

No description provided...

Code injection

A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. More Information: CSCvb61698. Known Affected Releases: 11.51.11007.2. Known Fixed Releases...

Design/Logic Flaw

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."...

IBM Lotus Domino 67 - HTTP webadmin.nsf Directory Traversal

IBM Lotus Domino 67 - HTTP webadmin.nsf Directory Traversal source: https://www.securityfocus.com/bid/9900/info It has been reported that Lotus Domino may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. The...