2 matches found
Anytype Heart's gRPC API client challenge verification can be bypassed on localhost
Impact The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. Affected components: - Anytype Desktop all platforms ≤ v0.48.2 - Anytype-CLI headless deployments ≤ v0.1.9 Not affected: - Anytype mobile apps iOS...
CVE-2021-23876
Bypass Remote Procedure call in McAfee Total Protection MTP prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware...