7 matches found
CVE-2026-40604 ClearanceKit: opfilter system extension can be suspended or signalled by a root process, disabling file-access policy enforcement
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension bundle ID uk.craigbass.clearancekit.opfilter can be suspended with SIGSTOP or kill -STOP, or killed with SIGKILL/SIGTERM, by any...
EUVD-2026-24213
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension bundle ID uk.craigbass.clearancekit.opfilter can be suspended with SIGSTOP or kill -STOP, or killed with SIGKILL/SIGTERM, by any...
CVE-2026-33632
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...
Fedora: Security Advisory for fapolicyd (FEDORA-2022-47a86f6258)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
fapolicyd security, bug fix, and enhancement update
An update is available for fapolicyd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Fapolicyd File Access Policy Daemon implements application whitelisting to...
ALSA-2022:1898 Moderate: fapolicyd security, bug fix, and enhancement update
Fapolicyd File Access Policy Daemon implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights...
Pulse Secure VPNs Get Quick Fix for Critical RCE
Pulse Secure has issued a workaround for a critical remote-code execution RCE vulnerability in its Pulse Connect Secure PCS VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. Pulse Secure’s parent company, Ivanti, issued an out-of-band advisory...