38 matches found

OSV | added 2026/01/22 3:16 p.m. | 2 views

UBUNTU-CVE-2025-15523

MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

CVSS 4.8 | AI score 5.9 | EPSS 0.00006
Exploits: 0 | References: 4

AlpineLinux | added 2026/01/22 2:45 p.m. | 6 views

CVE-2025-15523

MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

CVSS 4.8 | AI score 5.7 | EPSS 0.00006
Exploits: 0 | References: 2

Cvelist | added 2026/01/22 2:45 p.m. | 23 views

CVE-2025-15523 TCC Bypass via Inherited Permissions in Bundled Interpreter in Inkscape.app

MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

CVSS 4.8 | EPSS 0.00006
Exploits: 0 | References: 2

Debian CVE | added 2026/01/22 2:45 p.m. | 4 views

CVE-2025-15523

MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

CVSS 4.8 | AI score 5.6 | EPSS 0.00006
Exploits: 0

Vulnrichment | added 2025/12/17 6:14 p.m. | 2 views

CVE-2025-13326 Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store

Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...

CVSS 3.9 | AI score 6.5 | EPSS 0.00011
Exploits: 0 | References: 1

Positive Technologies | added 2025/12/17 12:0 a.m. | 5 views

PT-2025-51855

Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...

CVSS 3.9 | AI score 6.9 | EPSS 0.00011
Exploits: 0 | References: 2

EUVD | added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-24141

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 6.4 | EPSS 0.00077
Exploits: 0 | References: 4

EUVD | added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-36644

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 5.5 | EPSS 0.00033
Exploits: 0 | References: 4

NVD | added 2025/09/16 10:15 a.m. | 4 views

CVE-2025-10015

The Sparkle framework includes an XPC service, Downloader.xpc; by default this service is private to the application it is bundled with. A local unprivileged attacker can register this XPC service globally which will inherit TCC permissions of the application. Lack of validation of connecting client...

CVSS 4.8 | EPSS 0.00023
Exploits: 0 | References: 3

CVE | added 2025/08/11 12:21 p.m. | 25 views

CVE-2025-8672

The CVE describes a TCC bypass in macOS GIMP where a bundled Python interpreter inherits the user’s TCC permissions granted to GIMP. With local access, an attacker can invoke this interpreter to run arbitrary commands and access files in privacy-protected folders without prompting the user, abusi...

CVSS 7.8 | AI score 7.3 | EPSS 0.00077
Exploits: 0 | References: 4 | Affected Software: 1

RedhatCVE | added 2025/05/23 10:0 a.m. | 4 views

CVE-2024-23233

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. Entitlements and privacy permissions granted to this app may be used by a malicious app...

CVSS 7.8 | AI score 5.9 | EPSS 0.00075
Exploits: 0 | References: 1

RedhatCVE | added 2025/05/23 3:49 a.m. | 9 views

CVE-2023-32400

This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, macOS Ventura 13.4. Entitlements and privacy permissions granted to this app may be used by a malicious app...

CVSS 5.5 | AI score 5.6 | EPSS 0.00033
Exploits: 0 | References: 1

RedhatCVE | added 2025/05/22 7:40 p.m. | 6 views

CVE-2021-30757

This issue was addressed by enabling hardened runtime. This issue is fixed in iMovie 10.2.4. Entitlements and privacy permissions granted to this app may be used by a malicious app...

CVSS 5.5 | AI score 6.4 | EPSS 0.00248
Exploits: 0 | References: 1

OSV | added 2025/05/22 10:15 a.m. | 2 views

CVE-2025-4280

MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

CVSS 4.8 | AI score 5.9 | EPSS 0.00064
Exploits: 0 | References: 5

AlpineLinux | added 2025/05/22 10:15 a.m. | 2 views

CVE-2025-4280

MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

CVSS 4.8 | AI score 7.4 | EPSS 0.00064
Exploits: 0 | References: 5

OSV | added 2024/03/08 2:15 a.m. | 2 views

CVE-2024-23233

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. Entitlements and privacy permissions granted to this app may be used by a malicious app...

CVSS 7.8 | AI score 5.7 | EPSS 0.00075
Exploits: 0 | References: 3

NVD | added 2024/03/08 2:15 a.m. | 15 views

CVE-2024-23233

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. Entitlements and privacy permissions granted to this app may be used by a malicious app...

CVSS 7.8 | AI score 6.7 | EPSS 0.00075
Exploits: 0 | References: 4

Cvelist | added 2024/03/08 1:35 a.m. | 20 views

CVE-2024-23233

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. Entitlements and privacy permissions granted to this app may be used by a malicious app...

AI score 6.8 | EPSS 0.00075
Exploits: 0 | References: 1

CVE | added 2024/03/08 1:35 a.m. | 76 views

CVE-2024-23233

CVE-2024-23233 affects macOS Sonoma 14.4 (and prior) where entitlements and privacy permissions granted to an app could be leveraged by a malicious app. The issue was addressed with improved checks and is fixed in macOS Sonoma 14.4. Affected component is the entitlement/privacy-permission handlin...

CVSS 7.8 | AI score 6.5 | EPSS 0.00075
Exploits: 0 | References: 4 | Affected Software: 1

Vulnrichment | added 2024/03/08 1:35 a.m. | 15 views

CVE-2024-23233

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. Entitlements and privacy permissions granted to this app may be used by a malicious app...

AI score 5.9 | EPSS 0.00075
Exploits: 0 | References: 1