266 matches found
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
CVE-2025-65842
The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...
CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation. The product follows symbolic links placed in ~/Library/Logs/Aquarius and treats them as regular files. While building the support ZIP, a JUCE directory iterator configured t...
CVE-2025-65841
Summary of CVE-2025-65841 : Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in a local file at ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is “encrypted” via predictable byte-substitution that is trivially revers...
Plugin Alliance Aquarius Desktop 安全漏洞
Plugin Alliance Aquarius Desktop is an audio plugin management software from Plugin Alliance, Inc. A security vulnerability exists in Plugin Alliance Aquarius Desktop version 3.0.069, which stems from the Supported Data Archiving feature not properly handling symbolic links, which could lead to...
CVE-2025-65842
The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...
Plugin Alliance Aquarius HelperTool 安全漏洞
Plugin Alliance Aquarius HelperTool is an audio plugin helper tool from Plugin Alliance, Inc. A security vulnerability exists in Plugin Alliance Aquarius HelperTool version 1.0.003, which stems from the XPC service not validating the client's identity and flawed authorization logic, which could...
CVE-2025-65842
The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...
PT-2025-48950
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
CVE-2025-65842
CVE-2025-65842 concerns the Aquarius HelperTool (1.0.003) on macOS. The Privileged XPC service accepts local connections without validating the client’s identity, and its authorization logic calls AuthorizationCopyRights with a NULL reference, causing all authorization checks to succeed. The exec...
Plugin Alliance Aquarius Desktop 安全漏洞
Plugin Alliance Aquarius Desktop is an audio plugin management software from Plugin Alliance, Inc. A security vulnerability exists in Plugin Alliance Aquarius Desktop version 3.0.069 that stems from the use of a weak obfuscation scheme to store user authentication credentials, which could lead to...
CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
PT-2025-48966
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
EUVD-2025-177252
Malicious code in perseus-orbit-iota-aquarius npm...
EUVD-2025-180374
Malicious code in aquarius-jsonp-technocracy-bulma npm...