21 matches found
CVE-2026-9948
Use after free in Views in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
EUVD-2024-54642
Malicious code in bioql PyPI...
EUVD-2021-28803
Malicious code in bioql PyPI...
CVE-2024-52561
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740. When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change...
CVE-2025-31359
A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 55879. This vulnerability can be exploited by an attacker to write to arbitrary files, potentially leading to privilege escalation...
CVE-2024-52561
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740. When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change...
CVE-2024-54189
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740. When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary fil...
Parallels Desktop 安全漏洞
Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop for Mac version 20.1.1, which stems from a symbolic linking issue in the Snapshot feature that could lead to elevated privileges...
PT-2025-23597 · Parallels · Parallels Desktop For Mac
Name of the Vulnerable Software and Affected Versions: Parallels Desktop for Mac version 20.1.1 build 55740 Description: A privilege escalation issue exists in the Snapshot functionality of Parallels Desktop for Mac. When a snapshot of a virtual machine is deleted, a root service verifies and...
Large scale Google Ads campaign targets utility software
After what seemed like a long hiatus, we've observed threat actors returning to malvertising to drop malware disguised as software downloads. The campaign we identified is high-impact, going after utility software such as Slack, Notion, Calendly, Odoo, Basecamp, and others. For this blog, we...
PT-2023-28970 · Withsecure · Withsecure Elements Endpoint Protection +5
Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...
CVE-2023-42524
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security...
Fail to add account with "Could not detect the specified account" error on Workspace APP For MAC
"Could not detect the specified account. The server might be invalid or may be unavailable at this time. Make sure the URL is correct and check your network connection. " error happen when adding ADC URL into MAC Workspace APP. MAC workspace current version is 2212. Can successfully launch resour...
Microsoft Office PowerPoint Security Vulnerability
Microsoft Office PowerPoint is a software used to create, presentations PPT by Microsoft Corporation USA. A security vulnerability exists in Microsoft Office PowerPoint. The following products and editions are affected:Microsoft PowerPoint 2016 64-bit edition,Microsoft PowerPoint 2010 Service Pac...
McAfee Endpoint Detection and Response Privilege Vulnerability
McAfee Endpoint Detection and Response EDR is a suite of endpoint threat detection and response solutions from the U.S.-based company McAfee McAfee. The product supports threat event monitoring, host traffic monitoring and automatic threat identification and other functions. A power lift...
CVE-2017-11877
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for...
CVE-2016-7232
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."...
Microsoft patch day 2015-4-14: the repair of many high-risk IE, Windows, Office vulnerabilities-vulnerability warning-the black bar safety net
Monthly the second Tuesday, Microsoft fixed the patch to fix the day, Microsoft on Tuesday(2015-4-14 the“patch day”on repairing a large number of vulnerabilities, which includes many IE, Windows, Office, high-risk vulnerabilities. Update announcement MS15-0 3 4 announcement MS15-0 3 4 announcemen...
Wechat exposed two vulnerabilities: not authorized to login others account-vulnerability warning-the black bar safety net
Recently the black bar safety net vulnerability announcements section of the public Tencent wechat are two of the vulnerabilities. According to the vulnerability of the author described by the two vulnerability a hacker may not be authorized to access and log in directly to their wechat account...
[WhiteHat Aviator] The Web’s most secure and private browser
A few weeks have passed and we’ve had an overwhelmingly positive response from the community for the Aviator Beta. As you can probably expect, the vast majority of comments we received were around building a Windows version or a Linux version. But in the mean time, we wanted to make sure we...