CVE-2020-8485

Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash...

CVE-2020-8489

Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management all published versions enables an attacker authenticated on the local system to inject data, affecting the runtime values to be stored in the archive, or making Information Management...

CVE-2020-8484

Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash...

CVE-2020-8488

Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management all published versions enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing functionalities...

CLSA-2025-1737468474 kernel: Fix of 4 CVEs

media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - btrfs: dev-replace: properly validate device names CVE-2024-26791 - KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory CVE-2024-50115 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - ipc/sem.c: bugfix for...

Fortinet FortiClientWindows 安全漏洞

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exis...

UBUNTU-CVE-2024-56540

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...

CVE-2024-8272 macOS Universal Audio (UAConnect) <= 2.7.0 - Local Privilege Escalation

The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to implement critical client validation during XPC inter-process communication IPC. Specifically, the service does not verify the code requirements, entitlements, or security flags of any client attempting to...

CVE-2024-8272

CVE-2024-8272 affects macOS Universal Audio (UAConnect) and targets the com.uaudio.bsd.helper service. The issue is a missing validation of clients during XPC IPC: the service does not verify code requirements, entitlements, or security flags of connecting clients, enabling unauthorized clients t...

PT-2024-38904 · Unknown · Com.Uaudio.Bsd.Helper

Name of the Vulnerable Software and Affected Versions: com.uaudio.bsd.helper service affected versions not specified Description: The issue concerns a lack of proper client validation during XPC inter-process communication IPC in the com.uaudio.bsd.helper service, which handles privileged...

UltiMaker Cura 安全漏洞

UltiMaker Cura is a free, easy-to-use 3D printing software from UltiMaker, Inc. A security vulnerability exists in UltiMaker Cura v5.8.1 and earlier versions, which originates from a local attacker who can execute arbitrary code via the inter-process communication IPC mechanism...

PT-2024-34600 · Ultimaker · Ultimaker Cura

Name of the Vulnerable Software and Affected Versions: UltiMaker Cura versions 4.41 and 5.8.1 and earlier Description: The issue allows a local attacker to execute arbitrary code via the Inter-process communication IPC mechanism between the Cura application and CuraEngine processes, localhost...

PT-2024-26094 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem versions prior to SMR Nov-2024 Release 1 Description: The issue is related to improper input validation in the IpcProtocol of the Modem, allowing local attackers to cause a Denial-of-Service. Recommendations: For versions prior to SMR...

kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

A flaw was found in the Linux kernel’s IPC system. This flaw allows an attacker to use a specially crafted program to cause a rare race condition, leading to a denial of service...

AgileBits 1Password IPC Protection Bypass (CVE-2024-42219) (macOS)

The version of AgileBits 1Password installed on the remote macOS or Mac OS X host is prior to 8.10.36. It is, therefore, affected by an inter-process communication bypass vulnerability that allows local attackers to exfiltrate vault items. Note that Nessus has not tested for this issue but has...

CVE-2024-42219

1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is insufficient...

CVE-2024-42219

1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is insufficient...

AgileBits 1Password For Mac 安全漏洞

AgileBits 1Password For Mac is a password management software from AgileBits Canada. It is used to store a variety of different passwords. A security vulnerability exists in AgileBits 1Password For Mac prior to version 8.10.36, which stems from insufficient authentication of XPC inter-process...

PT-2024-29794 · Agilebits · 1Password

Name of the Vulnerable Software and Affected Versions: 1Password versions prior to 8.10.36 for macOS Description: The issue allows local attackers to exfiltrate vault items due to insufficient XPC inter-process communication validation. Recommendations: For versions prior to 8.10.36, update to...

CVE-2024-42219

1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is insufficient...