144 matches found
CVE-2025-4412 TCC Bypass via Dylib Loading in Viscosity.app
On macOS systems, by utilizing a Launch Agent and loading the viscosityopenvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC Transparency, Consent, and Control identity. The acquired resource access is limited without entitlements such as acces...
CVE-2024-45599
Cursor is an artificial intelligence code editor. Prior to version 0.41.0, if a user on macOS has granted Cursor access to the camera or microphone, any program that is run on the machine is able to access the camera or the microphone without explicitly being granted access, through a DyLib...
CVE-2024-53407
In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data...
CVE-2023-42920
Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris Pro.app versions on macOS...
CVE-2022-25366
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious...
CVE-2022-48481
In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible...
CVE-2022-46828
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible...
CVE-2025-2098
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...
CVE-2025-2098
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...
CVE-2025-2098
CVE-2025-2098 affects Fast CAD Reader on macOS. The issue is improper file permissions (rwxrwxrwx) for the application, diverging from macOS practice of drwxr-xr-x, enabling potential Dylib Hijacking and privilege escalation. Impact is described as local: guest/other users and applications could ...
CVE-2025-2098 Dylib Hijacking in Fast CAD Reader
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...
CVE-2025-2098 Dylib Hijacking in Fast CAD Reader
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...
Honghu Yuntu Fast CAD Reader 安全漏洞
Honghu Yuntu Fast CAD Reader is a CAD reader from the Chinese company Honghu Yuntu. A security vulnerability exists in Honghu Yuntu Fast CAD Reader 4.1.5 and earlier versions, which can lead to Dylib hijacking and elevation of privilege due to improperly set file permissions...
PT-2025-12971 · Unknown · Fast Cad Reader
Name of the Vulnerable Software and Affected Versions: Fast CAD Reader versions prior to a fixed version no specific fixed version mentioned, affected versions not specified Description: The Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx,...
CVE-2025-1413
DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...
CVE-2025-1413
DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...
CVE-2025-1413 Dylib Hijacking in DaVinci Resolve
DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...
CVE-2025-1413 Dylib Hijacking in DaVinci Resolve
DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...
PT-2025-9078 · Blackmagic Design · Davinci Resolve
Name of the Vulnerable Software and Affected Versions: DaVinci Resolve versions prior to 19.1.3 Description: The issue is related to incorrect file permissions in DaVinci Resolve on MacOS, which can lead to Dylib Hijacking. This inconsistency with standard macOS security practices allows for...
Blackmagic Design DaVinci Resolve 安全漏洞
Blackmagic Design DaVinci Resolve is a software tool that combines editing, color correction, visual effects, motion graphics, and audio post-production in one package. A security vulnerability exists in Blackmagic Design DaVinci Resolve versions prior to 19.1.3, which stems from improperly set...