Lucene search
K

46 matches found

OSV
OSV
added 2023/09/22 5:15 a.m.5 views

CVE-2023-43766

Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...

7.8CVSS7.3AI score0.00151EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/09/22 5:15 a.m.5 views

CVE-2023-43761

Certain WithSecure products allow Denial of Service infinite loop. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements...

7.5CVSS5.8AI score0.00531EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/21 12:0 a.m.7 views

PT-2023-28973 · Withsecure · Withsecure Elements Endpoint Protection +5

Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...

7.8CVSS7.5AI score0.00151EPSS
Exploits0References8
Citrix
Citrix
added 2023/08/28 12:0 a.m.10 views

Cannot Connect to Server ";40;STAxxxx" on Mac Client

Symptom 1: Cannot connect to server ";40;STA " when launch ICA session from mac client With VPN enabled, user can only access internal network and fail to launch ICA session. Without VPN enabled,user can access to external network and launch ICA Session successfully Symptom 2: "The SDK context...

7.1AI score
Exploits0
CERT
CERT
added 2023/08/28 12:0 a.m.13 views

Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account

Overview Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition that allows for arbitrary file writes. A low privileged attacker can escalate privileges to root on affected systems. Description Every five hours t...

7CVSS7AI score0.00347EPSS
Exploits1
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.13 views

Microsoft Teams Security Vulnerability

Microsoft Teams is a software from Microsoft USA for online meetings, chat, and cloud storage capabilities. A security vulnerability exists in Microsoft Teams. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are affected: Microsoft Teams...

8.8CVSS6.8AI score0.02098EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/10/28 12:0 a.m.7 views

The vulnerability of Fortinet’s antivirus software for FortiOS operating systems and Fortinet FortiClient for Mac security solutions stems from a flaw in the data protection mechanism. This flaw allows attackers to circumvent security restrictions.

The vulnerability of Fortinet’s antivirus software for FortiOS and Fortinet FortiClient for Mac operating systems is related to a flaw in the data protection mechanism when processing RAR archive files. Exploiting this vulnerability allows an attacker to bypass security restrictions remotely...

8.3CVSS5.4AI score0.00303EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2020/02/25 9:15 p.m.3 views

CVE-2019-4000

Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges...

7.8CVSS7.4AI score0.00733EPSS
Exploits1References1
OSV
OSV
added 2019/09/05 2:15 a.m.2 views

CVE-2019-12645

A vulnerability in Cisco Jabber Client Framework JCF for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected devi...

7.8CVSS7.1AI score
Exploits0References1
NVD
NVD
added 2019/04/25 7:29 p.m.19 views

CVE-2018-12244

SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...

6.8CVSS6.5AI score0.01118EPSS
Exploits0References2
Prion
Prion
added 2019/04/25 7:29 p.m.17 views

Design/Logic Flaw

SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...

6.8CVSS6.5AI score0.01118EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/04/25 7:29 p.m.3 views

CVE-2018-12244

SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...

6.3CVSS5.8AI score0.01118EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/04/25 6:49 p.m.23 views

CVE-2018-12244

SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...

6.5AI score0.01118EPSS
Exploits0References2
CVE
CVE
added 2019/04/25 6:49 p.m.50 views

CVE-2018-12244

CVE-2018-12244 affects the SEP for Mac client, from versions before 12.1 RU6 MP9 and before 14.2 RU1. The issue is a CSV/DDE (formula) injection vulnerability where untrusted input placed in CSV files can be interpreted as commands or formulas by the application. The connected sources document th...

6.8CVSS6.5AI score0.01118EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/01/10 4:29 p.m.18 views

CVE-2018-0449

A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...

5.1CVSS4.6AI score0.00277EPSS
Exploits0References2
Prion
Prion
added 2019/01/10 4:29 p.m.17 views

Hardcoded credentials

A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...

3.3CVSS4.5AI score0.00277EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2019/01/10 4:0 p.m.13 views

CVE-2018-0449 Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability

A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...

5.1CVSS6.7AI score0.00277EPSS
Exploits0References2
CVE
CVE
added 2019/01/10 4:0 p.m.62 views

CVE-2018-0449

Cisco Jabber Client Framework (JCF) in the Cisco Jabber for Mac client is affected. The root cause is insecure directory permissions on a JCF-created directory, enabling an authenticated local attacker who can access that directory to create a hard link to an arbitrary location, potentially creat...

5.1CVSS4.6AI score0.00277EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2019/01/09 4:0 p.m.87 views

Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability

A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...

5.1CVSS1.8AI score0.00277EPSS
Exploits0References1
Citrix
Citrix
added 2018/11/12 12:0 a.m.10 views

Citrix Workspace app for Mac unable to see USB device

A USB Joystick has been tested successfully from a windows client. USB device pass through is configured on a Citrix policy via Studio, but USB device options on mac receiver client show "Policy Restricted" in the "Virtual Channel" column. Customer tried updating the local policy by editing the...

6.8AI score
Exploits0
Rows per page
Query Builder