GHSA-V895-833R-8C45 Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database
Summary: A critical second-order SQL Injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user credentials, API tokens, and device enrollment...
Exposure of Data Element to Wrong Session
Overview: Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...
CVE-2026-34391
Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credentials, VPN secrets...
PT-2026-28631
Name of the Vulnerable Software and Affected Versions: Fleet versions prior to 4.81.1 Description: Fleet, an open source device management software, contains an issue in its Windows MDM command processing. A malicious enrolled device can access MDM commands intended for other devices. This could...
EUVD-2023-43069
Malicious code in bioql PyPI...
CVE-2023-39338
Enables an authenticated user (enrolled device) to access a service protected by Sentry even if they are not authorized according to the Sentry policy to access that service. It does not enable the user to authenticate to or use the service, it just provides the tunnel access...
Ivanti Endpoint Manager Mobile < 11.10.0.4 / 11.11.x < 11.11.0.2 Multiple Vulnerabilities
The version of Ivanti Endpoint Manager Mobile, formerly MobileIron Core, running on the remote host is prior to 11.10.0.4, or 11.11.x prior to 11.11.0.2. It is, therefore, affected by multiple vulnerabilities. - A security vulnerability has been identified allowing an unauthenticated threat actor to impersonate an...
PT-2023-26886 · Epmm · Epmm
Name of the Vulnerable Software and Affected Versions: EPMM versions 11.8 through 11.10 Description: A security issue allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well ...
Improper access control
An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. An attacker can impersonate and take actions on behalf of any Mobile Application Management (MAM) enrolled device...
CVE-2018-18571
An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. An attacker can impersonate and take actions on behalf of any Mobile Application Management (MAM) enrolled device...
CVE-2018-11717
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access to a log file, a context-dependent attacker can obtain (depending on the modules configured) the Base64 encoded Password/Username of AD accounts, the cleartext Password/Username and mail settings of the...
CVE-2017-4931
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious conten...
Secure Hub not automatically installed on DEP/VPP enrolled iOS
Device is enrolled in DEP/VPP. Secure Hub is one of two required apps. The other app is installed, Secure Hub is not...