Lucene search
K

33 matches found

RedHat Linux
RedHat Linux
added 2026/06/16 7:18 a.m.5 views

wireshark: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Wireshark

A flaw was found in Wireshark. A path traversal can occur when a malformed configuration profile is imported, resulting in a denial of service or potentially in code execution...

7.8CVSS5.8AI score0.0018EPSS
Exploits1References6
OSV
OSV
added 2025/11/11 7:15 a.m.6 views

CVE-2025-8108

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the...

6.7CVSS5.8AI score0.00115EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1345

Malware in sbrugna...

5.8CVSS6.1AI score0.0112EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2015-6994

Malware in sbrugna...

4.6CVSS7.6AI score0.00347EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1360

Malware in sbrugna...

5.8CVSS6.1AI score0.0112EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43115

Malicious code in bioql PyPI...

5.9CVSS6.1AI score0.00704EPSS
Exploits0References2
OSV
OSV
added 2025/07/21 5:15 p.m.7 views

CVE-2025-43720

Headwind MDM before 5.33.1 makes configuration details accessible to unauthorized users. The Configuration profile is exposed to the Observer user role, revealing the password requires to escape out of the MDM controlled device's profile...

6.5CVSS6.4AI score0.00353EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/29 5:16 p.m.13 views

CVE-2025-4095 Registry Access Management (RAM) policies not applied when sign-in enforcement is configured via a configuration profile

Registry Access Management RAM is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would allow Docker Desktop use...

4.3CVSS0.00131EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.12 views

PT-2025-3699 · Undefined · Undefined

🔗 DarkWebInformer.com - Cyber Threat Intelligence 📌 CVE ID: GHSA-qcg2-98h8-485j 🔗 Aliases: CVE-2024-8474 🔹 Details: OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to...

7.5CVSS9.3AI score0.00526EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/06 2:33 p.m.6 views

CVE-2024-8474

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic...

7.5AI score0.00526EPSS
Exploits0References1
Apple
Apple
added 2019/09/17 10:45 a.m.46 views

About the security content of tvOS 12.1.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

9.3CVSS0.3AI score0.12808EPSS
Exploits16Affected Software1
Malwarebytes
Malwarebytes
added 2018/04/24 4:30 p.m.44 views

New Crossrider variant installs configuration profiles on Macs

A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way. For the most part, this variant is still quite ordinary, doing some of the same old things that we've been seeing for years in Mac adware. However, the use of a configuration profile introduces a uniqu...

0.7AI score
Exploits0
Prion
Prion
added 2018/04/03 6:29 a.m.14 views

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access...

7.5CVSS7.2AI score0.02299EPSS
Exploits0References6Affected Software4
Cvelist
Cvelist
added 2018/04/03 6:0 a.m.18 views

CVE-2018-4115

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access...

7.6AI score0.02299EPSS
Exploits0References6
Prion
Prion
added 2018/02/21 4:29 p.m.23 views

Null pointer dereference

The eappwdperformconfirmexchange function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an EAP-pwd Confirm message followed by the...

4.3CVSS7AI score0.03249EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2018/02/21 4:0 p.m.79 views

CVE-2015-5316

The CVE-2015-5316 issue affects wpa_supplicant (2.x) prior to 2.6, in the eap_pwd_perform_confirm_exchange function inside eap_pwd.c. When EAP-pwd is enabled in a network profile, processing an EAP-pwd Confirm message followed by the Identity exchange can trigger a NULL pointer dereference, leadi...

5.9CVSS5.5AI score0.03249EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2015/12/11 11:59 a.m.16 views

CVE-2015-7062

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors...

4.6CVSS8.1AI score0.00347EPSS
Exploits0References5
Prion
Prion
added 2015/12/11 11:59 a.m.18 views

Design/Logic Flaw

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors...

4.6CVSS6.3AI score0.00347EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2015/12/11 11:0 a.m.61 views

CVE-2015-7062

Technical details for CVE-2015-7062 are not publicly available in the provided documents. Monitor for updates for affected products, vectors, or fixes.

4.6CVSS7.8AI score0.00347EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/12/11 11:0 a.m.21 views

CVE-2015-7062

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors...

8.2AI score0.00347EPSS
Exploits0References5
Rows per page
Query Builder