46 matches found
CVE-2023-43766
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for...
CVE-2023-43761
Certain WithSecure products allow Denial of Service infinite loop. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements...
PT-2023-28973 · Withsecure · Withsecure Elements Endpoint Protection +5
Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...
Cannot Connect to Server ";40;STAxxxx" on Mac Client
Symptom 1: Cannot connect to server ";40;STA " when launch ICA session from mac client With VPN enabled, user can only access internal network and fail to launch ICA session. Without VPN enabled,user can access to external network and launch ICA Session successfully Symptom 2: "The SDK context...
Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account
Overview Groupnotes Inc. Videostream Mac client installs a LaunchDaemon that runs with root privileges. The daemon is vulnerable to a race condition that allows for arbitrary file writes. A low privileged attacker can escalate privileges to root on affected systems. Description Every five hours t...
Microsoft Teams Security Vulnerability
Microsoft Teams is a software from Microsoft USA for online meetings, chat, and cloud storage capabilities. A security vulnerability exists in Microsoft Teams. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are affected: Microsoft Teams...
The vulnerability of Fortinet’s antivirus software for FortiOS operating systems and Fortinet FortiClient for Mac security solutions stems from a flaw in the data protection mechanism. This flaw allows attackers to circumvent security restrictions.
The vulnerability of Fortinet’s antivirus software for FortiOS and Fortinet FortiClient for Mac operating systems is related to a flaw in the data protection mechanism when processing RAR archive files. Exploiting this vulnerability allows an attacker to bypass security restrictions remotely...
CVE-2019-4000
Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges...
CVE-2019-12645
A vulnerability in Cisco Jabber Client Framework JCF for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected devi...
CVE-2018-12244
SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...
Design/Logic Flaw
SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...
CVE-2018-12244
SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...
CVE-2018-12244
SEP Mac client prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection also known as formula injection vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files...
CVE-2018-12244
CVE-2018-12244 affects the SEP for Mac client, from versions before 12.1 RU6 MP9 and before 14.2 RU1. The issue is a CSV/DDE (formula) injection vulnerability where untrusted input placed in CSV files can be interpreted as commands or formulas by the application. The connected sources document th...
CVE-2018-0449
A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...
Hardcoded credentials
A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...
CVE-2018-0449 Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability
A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...
CVE-2018-0449
Cisco Jabber Client Framework (JCF) in the Cisco Jabber for Mac client is affected. The root cause is insecure directory permissions on a JCF-created directory, enabling an authenticated local attacker who can access that directory to create a hard link to an arbitrary location, potentially creat...
Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability
A vulnerability in the Cisco Jabber Client Framework JCF software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. The vulnerability exists due to insecure directory...
Citrix Workspace app for Mac unable to see USB device
A USB Joystick has been tested successfully from a windows client. USB device pass through is configured on a Citrix policy via Studio, but USB device options on mac receiver client show "Policy Restricted" in the "Virtual Channel" column. Customer tried updating the local policy by editing the...