165 matches found
CVE-2018-6822
In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root...
CVE-2018-6822
In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root...
Code injection
In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse this vulnerability by forci...
CVE-2017-17809
In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an unprotected XPC service that allows attackers to update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary when executed. An attacker can abuse this vulnerability by forci...
CVE-2017-17809
The CVE-2017-17809 entry affects Golden Frog VyprVPN for macOS prior to 2.15.0.5828. The vyprvpnservice launch daemon exposes an unprotected XPC service that lets attackers update the underlying OpenVPN configuration and the arguments passed to the OpenVPN binary. An attacker could abuse this to ...