EUVD-2023-36655

Malicious code in bioql PyPI...

EUVD-2023-31323

Malicious code in bioql PyPI...

EUVD-2023-31671

Malicious code in bioql PyPI...

EUVD-2022-30037

Malicious code in bioql PyPI...

CVE-2025-57443

FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLDINSERTLIBRARIES environment variable. This allows escalated privileges t...

CVE-2025-57443

FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLDINSERTLIBRARIES environment variable. This allows escalated privileges t...

CVE-2025-57443

FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLDINSERTLIBRARIES environment variable. This allows escalated privileges t...

PT-2025-40365

Name of the Vulnerable Software and Affected Versions FrostWire version 6.14.0-build-326 Description The software has permissive entitlements, specifically allow-dyld-environment-variables and disable-library-validation. These entitlements permit unprivileged local attackers to inject code into t...

CVE-2025-43207

This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data...

CVE-2025-43207

This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data...

CVE-2025-43207

This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data...

CVE-2025-43207

This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data...

CVE-2025-43207

CVE-2025-43207 affects macOS Tahoe 26. The issue is a privilege mismanagement/entitlements problem that could allow an app to access user-sensitive data. Apple fixed it in Tahoe 26 by improving entitlements. No exploitation details are provided in the available documents. Remediation: update/prov...

CVE-2025-43207

This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data...

PT-2025-37790

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Tahoe 26 Description: An application may be able to access user-sensitive data due to improved entitlements. Recommendations: Update to macOS Tahoe 26...

CVE-2025-43260

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps...

CVE-2025-43260

CVE-2025-43260 affects Apple macOS Sequoia (15.6) and macOS Sonoma (14.7.7). The issue could allow an app to hijack entitlements granted to other privileged apps, representing a local-attack surface with low confidentiality/ integrity impact per the provided metrics. The vulnerability is mitigate...

PT-2025-31332 · Apple · Macos Sequoia 15.6 +2

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6 macOS versions prior to Sonoma 14.7.7 Description: An application may be able to hijack entitlements granted to other privileged applications due to improved data protection. Recommendations: Update to mac...

SkyEye: When Your Vision Reaches beyond IAM Boundary Scope in AWS Cloud

In recent years, cloud security has emerged as a primary concern for enterprises due to the increasing trend of migrating internal infrastructure and applications to cloud environments. This shift is driven by the desire to reduce the high costs and maintenance fees associated with traditional...

CVE-2025-5963

The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-environment-variables" and "com.apple.security.cs.disable-library-validation" allows for Dynamic Library Dylib injection. A local attacker with unprivileged access can use environmen...