Lucene search
K

111 matches found

Prion
Prion
added 2019/08/23 5:15 p.m.14 views

Design/Logic Flaw

Little Snitch versions 4.4.0 fixes a vulnerability in a privileged helper tool. However, the operating system may have made a copy of the privileged helper which is not removed or updated immediately. Computers may therefore still be vulnerable after upgrading to 4.4.0. Version 4.4.1 fixes this...

4.9CVSS5.4AI score0.00353EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/23 4:58 p.m.107 views

CVE-2019-13013

CVE-2019-13013 affects Little Snitch versions 4.3.0 to 4.3.2. The vulnerability lies in the privileged helper tool, which exposes an XPC interface accessible to any process and allows directory listings and copying files as root, enabling local privilege escalation. The available connected docume...

5.5CVSS5.6AI score0.00303EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/23 4:55 p.m.19 views

CVE-2019-13014

Little Snitch versions 4.4.0 fixes a vulnerability in a privileged helper tool. However, the operating system may have made a copy of the privileged helper which is not removed or updated immediately. Computers may therefore still be vulnerable after upgrading to 4.4.0. Version 4.4.1 fixes this...

5.4AI score0.00353EPSS
Exploits0References1
CVE
CVE
added 2019/08/23 4:55 p.m.90 views

CVE-2019-13014

CVE-2019-13014 affects Little Snitch. The vulnerability arises from a privileged helper where the operating system may have retained a copy that is not removed or updated during upgrade to 4.4.0, leaving systems potentially exposed after upgrading. The issue is resolved in version 4.4.1 by removi...

5.5CVSS5.4AI score0.00353EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/06/05 10:29 p.m.2 views

CVE-2018-10171

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shel...

9.8CVSS5.8AI score0.01761EPSS
Exploits0References1
OSV
OSV
added 2019/04/02 4:29 p.m.2 views

CVE-2018-4052

An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user...

5.5CVSS5.8AI score0.00357EPSS
Exploits0References1
Prion
Prion
added 2019/04/02 4:29 p.m.13 views

Information disclosure

An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user...

2.1CVSS5.2AI score0.00357EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/04/02 4:29 p.m.2 views

CVE-2018-4053

An exploitable local denial-of-service vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can send malicious data to the root-listening service, causing the application to terminate and become unavailable...

5.5CVSS5.8AI score0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/04/02 3:19 p.m.21 views

CVE-2018-4052

An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user...

6.2CVSS5.2AI score0.00357EPSS
Exploits0References1
Talos
Talos
added 2019/03/26 12:0 a.m.83 views

GOG Galaxy Games fillProcessInformationForPids information leak vulnerability

Summary An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy’s Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user. Tested Versions Gog Galaxy...

6.2CVSS5.2AI score0.00357EPSS
Exploits0
Talos
Talos
added 2019/03/26 12:0 a.m.74 views

GOG Galaxy Games privileged helper denial-of-service vulnerability

Summary An exploitable local denial-of-service vulnerability exists in the privileged helper tool of GOG Galaxy’s Games, version 1.2.47 for macOS. An attacker can send malicious data to the root-listening service, causing the application to terminate and become unavailable. Tested Versions Gog...

6.2CVSS5.9AI score0.00325EPSS
Exploits0
Prion
Prion
added 2019/01/10 3:29 p.m.17 views

Input validation

An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machine for a...

2.1CVSS5.2AI score0.00309EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/01/10 3:29 p.m.3 views

CVE-2018-4046

An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machine for a...

5.5CVSS5.8AI score0.00309EPSS
Exploits0References1
Talos
Talos
added 2019/01/02 12:0 a.m.33 views

Clean My Mac X pleaseTerminate denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machi...

7.1CVSS5.8AI score0.00309EPSS
Exploits0
CNVD
CNVD
added 2018/03/28 12:0 a.m.12 views

NordVPN Root Elevation of Privilege Vulnerability

NordVPN is a virtual private network tool that gives you a high-speed and stable connection to the world wide web and secure access to a wide range of streaming sites, censored content and social media. NordVPN 3.3.10 for macOS suffers from a root elevation of privilege vulnerability. An attacker...

9CVSS7.5AI score0.02744EPSS
Exploits0References1
OSV
OSV
added 2018/03/27 11:29 p.m.3 views

CVE-2018-9105

NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main application. Unfortunately...

8.8CVSS6.3AI score
Exploits0References2
CNVD
CNVD
added 2018/03/20 12:0 a.m.5 views

VPN Unlimited for macOS privileged helper tool privilege access control vulnerability

VPN Unlimited for macOS is a VPN application based on macOS platform. privileged helper tool is one of the helper tools. A privilege access control vulnerability exists in the privileged helper tool in version 4.2.0 of VPN Unlimited for macOS. An attacker can use this vulnerability to execute...

10CVSS7.6AI score0.01592EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/03/16 6:29 p.m.4 views

CVE-2018-8739

VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root...

10CVSS6AI score0.01592EPSS
Exploits0References2
OSV
OSV
added 2018/03/16 6:29 p.m.6 views

CVE-2018-8739

VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root...

9.8CVSS6AI score0.01592EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/06 12:0 a.m.3 views

CactusVPN root elevation of privilege vulnerability

CactusVPN for macOS is a macOS-based VPN software from CactusVPN Moldova for anonymous access to the Internet. privileged helper tool is one of the helper tools. A privileged helper tool vulnerability exists in CactusVPN 6.0 and earlier versions for macOS-based platforms. An attacker can exploit...

10CVSS7.2AI score0.0186EPSS
Exploits0References1
Rows per page
Query Builder