13 matches found
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
EUVD-2023-26769
Malicious code in bioql PyPI...
EUVD-2023-49880
Malicious code in bioql PyPI...
CVE-2023-22635
A download of code without Integrity check vulnerability CWE-494 in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate...
CVE-2024-35281
An improper isolation or compartmentalization vulnerability CWE-653 in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variabl...
CVE-2024-35281
An improper isolation or compartmentalization vulnerability CWE-653 in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variabl...
CVE-2024-35281
An improper isolation or compartmentalization vulnerability CWE-653 in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variabl...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2023-45588
CVE-2023-45588 is a local, external-control-of-file-name-or-path vulnerability (CWE-73) in FortiClientMac. Affected: FortiClientMac versions 7.2.3 and below, and the 7.0.10 and below installer. Summary: a local attacker could write a malicious configuration file in /tmp before installation to exe...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
PT-2024-13254 · Fortinet · Forticlientmac
Name of the Vulnerable Software and Affected Versions: FortiClientMac versions 7.2.3 and below FortiClientMac version 7.0.10 and below installer Description: The issue allows a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting...
PT-2023-7226 · Fortinet · Forticlientmac
Name of the Vulnerable Software and Affected Versions: FortiClientMac versions 4.0 through 7.0.7 Description: The issue is related to a download of code without integrity check, which may allow a local attacker to escalate their privileges by modifying the installer upon upgrade. Recommendations:...