Lucene search
K

144 matches found

Cvelist
Cvelist
added 2025/05/27 10:9 a.m.43 views

CVE-2025-4412 TCC Bypass via Dylib Loading in Viscosity.app

On macOS systems, by utilizing a Launch Agent and loading the viscosityopenvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC Transparency, Consent, and Control identity. The acquired resource access is limited without entitlements such as acces...

4.8CVSS0.00135EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.6 views

CVE-2024-45599

Cursor is an artificial intelligence code editor. Prior to version 0.41.0, if a user on macOS has granted Cursor access to the camera or microphone, any program that is run on the machine is able to access the camera or the microphone without explicitly being granted access, through a DyLib...

3.8CVSS7.6AI score0.00177EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:16 a.m.7 views

CVE-2024-53407

In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data...

3.3CVSS7.4AI score0.00512EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:22 a.m.8 views

CVE-2023-42920

Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris Pro.app versions on macOS...

7.8CVSS6.9AI score0.00179EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:25 a.m.6 views

CVE-2022-25366

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious...

7.8CVSS7.2AI score0.00556EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:30 a.m.12 views

CVE-2022-48481

In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible...

7.8CVSS7.1AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:24 a.m.9 views

CVE-2022-46828

In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible...

7.8CVSS7.1AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/28 5:50 p.m.7 views

CVE-2025-2098

Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...

8.4CVSS7.3AI score0.00164EPSS
Exploits0References4
NVD
NVD
added 2025/03/26 4:15 p.m.13 views

CVE-2025-2098

Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...

8.4CVSS0.00164EPSS
Exploits0References2
CVE
CVE
added 2025/03/26 3:23 p.m.71 views

CVE-2025-2098

CVE-2025-2098 affects Fast CAD Reader on macOS. The issue is improper file permissions (rwxrwxrwx) for the application, diverging from macOS practice of drwxr-xr-x, enabling potential Dylib Hijacking and privilege escalation. Impact is described as local: guest/other users and applications could ...

8.4CVSS7.3AI score0.00164EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/26 3:23 p.m.15 views

CVE-2025-2098 Dylib Hijacking in Fast CAD Reader

Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...

8.4CVSS7.3AI score0.00164EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/26 3:23 p.m.14 views

CVE-2025-2098 Dylib Hijacking in Fast CAD Reader

Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...

8.4CVSS0.00164EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.5 views

Honghu Yuntu Fast CAD Reader 安全漏洞

Honghu Yuntu Fast CAD Reader is a CAD reader from the Chinese company Honghu Yuntu. A security vulnerability exists in Honghu Yuntu Fast CAD Reader 4.1.5 and earlier versions, which can lead to Dylib hijacking and elevation of privilege due to improperly set file permissions...

8.4CVSS6.8AI score0.00164EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/26 12:0 a.m.11 views

PT-2025-12971 · Unknown · Fast Cad Reader

Name of the Vulnerable Software and Affected Versions: Fast CAD Reader versions prior to a fixed version no specific fixed version mentioned, affected versions not specified Description: The Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx,...

8.4CVSS6.1AI score0.00164EPSS
Exploits0References103
RedhatCVE
RedhatCVE
added 2025/03/02 9:20 a.m.26 views

CVE-2025-1413

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS6.9AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2025/02/28 9:15 a.m.10 views

CVE-2025-1413

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS0.00195EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/28 8:25 a.m.23 views

CVE-2025-1413 Dylib Hijacking in DaVinci Resolve

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS0.00195EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/28 8:25 a.m.8 views

CVE-2025-1413 Dylib Hijacking in DaVinci Resolve

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS6.6AI score0.00195EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.4 views

PT-2025-9078 · Blackmagic Design · Davinci Resolve

Name of the Vulnerable Software and Affected Versions: DaVinci Resolve versions prior to 19.1.3 Description: The issue is related to incorrect file permissions in DaVinci Resolve on MacOS, which can lead to Dylib Hijacking. This inconsistency with standard macOS security practices allows for...

8.4CVSS7.4AI score0.00195EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/02/28 12:0 a.m.6 views

Blackmagic Design DaVinci Resolve 安全漏洞

Blackmagic Design DaVinci Resolve is a software tool that combines editing, color correction, visual effects, motion graphics, and audio post-production in one package. A security vulnerability exists in Blackmagic Design DaVinci Resolve versions prior to 19.1.3, which stems from improperly set...

8.4CVSS6.6AI score0.00195EPSS
Exploits0References4
Rows per page
Query Builder