Lucene search
+L

35 matches found

Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.6 views

PT-2024-14036 · Td Bank · Td Advanced Dashboard Client

Name of the Vulnerable Software and Affected Versions: TD Bank TD Advanced Dashboard client through 3.0.3 for macOS Description: The issue allows arbitrary code execution due to the lack of electron::fuses::IsRunAsNodeEnabled, which means ELECTRON RUN AS NODE can be used in production. This makes...

8.4CVSS6.9AI score0.0023EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.4 views

PT-2023-27818 · Unknown · Appsanywhere Macos Client

Name of the Vulnerable Software and Affected Versions: AppsAnywhere macOS client affected versions not specified Description: The issue allows a local user process to trick the AppsAnywhere macOS client-privileged helper into executing arbitrary commands with elevated permissions. Recommendations...

7.5CVSS7AI score0.00175EPSS
Exploits0References4
Citrix
Citrix
added 2023/08/23 12:0 a.m.31 views

EPA Scan failure on MacOS with error message "Error during unzipping libraries"

EPA scan failed on MacOS client withfollowing errors in "/Library/Application Support/Citrix/EPAPlugin/ " logs: Error during unzipping libraries NSAppleScriptErrorAppName = CitrixEndpointAnalysis; NSAppleScriptErrorBriefMessage = "unzip: cannot find or open 1/Library/Application...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/08/09 11:15 p.m.3 views

CVE-2023-36671

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. Thi...

6.3CVSS6.6AI score0.00311EPSS
Exploits1References4
OSV
OSV
added 2023/06/13 7:15 p.m.4 views

CVE-2023-34114

Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access...

6.5CVSS6.6AI score0.00983EPSS
Exploits0References1
NCSC
NCSC
added 2023/06/13 12:0 a.m.17 views

Vulnerabilities fixed in Zoom

Zoom has fixed vulnerabilities in the Zoom client for Windows and macOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, to grant themselves elevated privileges granted or gain access to sensitive information. Zoom has released updates to fix the vulnerabilities ...

8.8CVSS7AI score0.00983EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/08/09 12:0 a.m.4 views

CVE-2022-28751

The Zoom Client for Meetings for MacOS Standard and for IT Admin before version 5.11.3 contains a vulnerability in the package signature validation during the update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root...

8.8CVSS7.1AI score0.0014EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/08 12:0 p.m.6 views

CVE-2022-22779

The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to...

4.3CVSS5.8AI score0.00801EPSS
Exploits0References2
Hacker One
Hacker One
added 2020/10/26 10:13 p.m.23 views

Basecamp: Lack of quarantine macOS attribute(com.apple.quarantine) leads multiple issues including RCE

Hi, basecamp team. HEY macOS client does not properly validate file uploads on its macOS inbox. That is because, by not setting the com.apple.quarantine attribute in the metadata of an executable file when it is uploaded, you allow the file to be executed on macOS without being checked by...

Exploits0
ThreatPost
ThreatPost
added 2020/07/30 9:40 p.m.52 views

Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

A security issue in popular video conferencing platform Zoom was disclosed this week, which could have allowed attackers to crack private meeting passcodes and snoop in on video conferences. The problem, which has already been fixed, stems from Zoom not having any check against repeated incorrect...

7.8AI score
Exploits0References9
OSV
OSV
added 2020/03/04 7:15 p.m.6 views

CVE-2020-3182

A vulnerability in the multicast DNS mDNS protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. The vulnerability exists because sensitive information ...

4.3CVSS5.8AI score0.00508EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/12 12:0 a.m.3 views

Private Internet Access (PIA) VPN Client Arbitrary Code Execution Vulnerability (CNVD-2019-24215)

Private Internet Access PIA is a commercial VPN service operated by London Trust Media. An arbitrary code execution vulnerability exists in the London Trust Media Private Internet Access PIA VPN client version 82 for macOS. A local, unprivileged user can exploit this vulnerability by modifying...

7.8CVSS8.1AI score0.00626EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/09/04 7:0 a.m.66 views

Moderate: Red Hat Security Advisory: samba security, bug fix and enhancement update

Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...

8.8CVSS7.1AI score0.06691EPSS
Exploits0References10
myhack58
myhack58
added 2017/07/16 12:0 a.m.174 views

CVE-2017-4918: VMware Horizon macOS client code injection vulnerability analysis-vulnerability warning-the black bar safety net

This article I want to discuss under the VMware Horizon macOS client version 4. 4. 0, the 5164329 of a code injection vulnerability, which can be used to obtain local root privileges. The good news is this issue already in the latest version is fix. 0x01 analysis On my MAC the above understanding...

0.4AI score0.04859EPSS
Exploits1
0day.today
0day.today
added 2017/07/12 12:0 a.m.48 views

VMware Horizon's macOS Client Code Injection Vulnerability

VMware Horizon's macOS client versions prior to 4.5 suffer from a code injection vulnerability. CVE-2017-4918: Code Injection in VMware Horizonas macOS Client Metadata =================================================== Release Date: 10-July-2017 Author: Florian Bogner // https://bogner.sh Affect...

10CVSS9.4AI score0.04859EPSS
Exploits1
Rows per page
Query Builder