Lucene search
K

5560 matches found

Wolfi
Wolfi
added 2026/06/17 8:23 p.m.8 views

CVE-2026-12143 vulnerabilities

Vulnerabilities for packages: lerna, langfuse, nextcloud-server, opensearch-dashboards, sqlpad, argo-workflows, tileserver-gl, prism, saf, kubeflow-pipelines, jitsucom-jitsu, kubeflow-centraldashboard...

8.7CVSS6.1AI score0.00409EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/15 7:29 p.m.14 views

Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by Cross-Site Scripting.

Summary compiler-18.2.14.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2026-32635. Vulnerability Details CVEID:CVE-2026-32635 DESCRIPTION: Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to...

9CVSS5.7AI score0.00339EPSS
Exploits0Affected Software1
Wolfi
Wolfi
added 2026/06/13 7:48 p.m.14 views

GHSA-CX3H-4QPV-8HC9 vulnerabilities

Vulnerabilities for packages: tensorflow-cpu-jupyter, airflow, mitmproxy...

5.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 9:25 p.m.5 views

Security Bulletin: An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2026-3621).

Summary An Improper Privilege Management vulnerability may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2026-3621. IBM WebSphere Liberty has been updated within IBM CICS TX Advanced to address this vulnerability. Vulnerability Details CVEID:CVE-2026-3621 DESCRIPTION:...

7.5CVSS5.4AI score0.00276EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 3:38 p.m.5 views

Security Bulletin: Vulnarability in commons-beanutils library (CVE-2019-10086) affects Power HMC.

Summary The commons-beanutils library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2019-10086 DESCRIPTION: In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability...

7.5CVSS6.6AI score0.28839EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.11 views

CVE-2026-24065

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

8.1CVSS6.1AI score0.00323EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.11 views

CVE-2026-24064

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

7.8CVSS6.2AI score0.00151EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/09 11:0 p.m.10 views

EUVD-2026-35871

SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CAS ticket store by directly concatenating the configured ticket directory with an attacker-controll...

8.6CVSS5.5AI score0.00422EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 6:30 p.m.11 views

EUVD-2026-35447

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

6.2AI score0.00151EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35448

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

8.1CVSS6.1AI score0.00323EPSS
Exploits1References3
NVD
NVD
added 2026/06/09 4:16 p.m.14 views

CVE-2026-24065

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

8.1CVSS0.00323EPSS
Exploits1References2
CVE
CVE
added 2026/06/09 2:50 p.m.30 views

CVE-2026-24065

Waves Central for macOS (versions 13.0.9–16.5.5) contains a local privilege escalation in the privileged helper service. The helper validates connecting XPC clients by examining the client PID to verify code-signing identity. Since PIDs can be reused, an attacker can race between connection and v...

8.1CVSS6.1AI score0.00323EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/09 2:50 p.m.9 views

CVE-2026-24065 Local Privilege Escalation via Insecure XPC Client Validation in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

6.1AI score0.00323EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/09 2:50 p.m.35 views

CVE-2026-24065 Local Privilege Escalation via Insecure XPC Client Validation in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

0.00323EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/09 2:47 p.m.9 views

CVE-2026-24064 Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

6.2AI score0.00151EPSS
Exploits1References1
CVE
CVE
added 2026/06/09 2:47 p.m.27 views

CVE-2026-24064

Waves Central for macOS (versions 13.0.9–16.5.5) contains a local privilege escalation due to a trusted XPC client component signed with hardened runtime entitlements that allows dynamic library injection via DYLD_INSERT_LIBRARIES. An attacker can inject code into the trusted process at launch, w...

7.8CVSS6.2AI score0.00151EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/09 2:47 p.m.35 views

CVE-2026-24064 Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

0.00151EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47796

1 Local Privilege Escalation via DYLIB Injection CVE-2026-24064 2 Local Privilege Escalation via Insecure XPC Client Validation CVE-2026-24065 Multiple Local Privilege Escalation Vulnerabilities in Waves Audio Waves Central https://t.co/fkys4ePhWy...

5.4AI score0.00323EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.25 views

PT-2026-47795

Name of the Vulnerable Software and Affected Versions Waves Central for macOS versions 13.0.9 through 16.5.5 Description A trusted XPC client component is signed with hardened runtime entitlements that allow dynamic library injection. A local attacker can use the DYLD INSERT LIBRARIES environment...

7.8CVSS6AI score0.00151EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Waves Central 安全漏洞

Waves Central is an audio software license and product management tool provided by the Waves company. There are security vulnerabilities in the version of Waves Central for macOS from 13.0.9 to 16.5.5. These vulnerabilities stem from the Privilege Assistant service using process identifiers to...

8.1CVSS5.9AI score0.00323EPSS
Exploits1References2
Rows per page
Query Builder