CVE-2025-8108

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the...

EUVD-2014-1345

Malware in sbrugna...

EUVD-2015-6994

Malware in sbrugna...

EUVD-2014-1360

Malware in sbrugna...

EUVD-2022-43115

Malicious code in bioql PyPI...

CVE-2025-43720

Headwind MDM before 5.33.1 makes configuration details accessible to unauthorized users. The Configuration profile is exposed to the Observer user role, revealing the password requires to escape out of the MDM controlled device's profile...

CVE-2025-4095 Registry Access Management (RAM) policies not applied when sign-in enforcement is configured via a configuration profile

Registry Access Management RAM is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would allow Docker Desktop use...

PT-2025-3699 · Undefined · Undefined

🔗 DarkWebInformer.com - Cyber Threat Intelligence 📌 CVE ID: GHSA-qcg2-98h8-485j 🔗 Aliases: CVE-2024-8474 🔹 Details: OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to...

CVE-2024-8474

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic...

About the security content of tvOS 12.1.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

New Crossrider variant installs configuration profiles on Macs

A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way. For the most part, this variant is still quite ordinary, doing some of the same old things that we've been seeing for years in Mac adware. However, the use of a configuration profile introduces a uniqu...

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access...

CVE-2018-4115

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access...

Null pointer dereference

The eappwdperformconfirmexchange function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an EAP-pwd Confirm message followed by the...

CVE-2015-5316

The CVE-2015-5316 issue affects wpa_supplicant (2.x) prior to 2.6, in the eap_pwd_perform_confirm_exchange function inside eap_pwd.c. When EAP-pwd is enabled in a network profile, processing an EAP-pwd Confirm message followed by the Identity exchange can trigger a NULL pointer dereference, leadi...

CVE-2015-7062

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors...

Design/Logic Flaw

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors...

CVE-2015-7062

Technical details for CVE-2015-7062 are not publicly available in the provided documents. Monitor for updates for affected products, vectors, or fixes.

CVE-2015-7062

Apple OS X before 10.11.2 and tvOS before 9.1 allow local users to bypass intended configuration-profile installation restrictions via unspecified vectors...

CVE-2015-5315

The eappwdprocess function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service process...