163 matches found
CVE-2025-61229
An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls...
CVE-2025-61229
Connected documents confirm a concrete vulnerability in Shirt Pocket’s SuperDuper!
EUVD-2019-4703
Malware in sbrugna...
EUVD-2021-17773
Malware in sbrugna...
EUVD-2020-18825
Malware in sbrugna...
EUVD-2014-9779
Malware in sbrugna...
EUVD-2014-1119
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-13179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable...
Endress+Hauser MEAC300-FNADE4 安全漏洞
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the hard disk not using full volume encryption, which can be exploited by an attacker to bypas...
CVE-2024-3082
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers e.g., full-disk encryption have been enabled...
CVE-2023-25953
Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LIN...
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...
CVE-2021-30856
This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions. This issue is fixed in macOS Big Sur 11.3. A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences...
CVE-2020-26200
A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk KRD and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security KES...
CVE-2011-5117
Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of 1 out-of-date credentials and 2 invalid credentials, which allows physically proximate attackers to defeat t...
SUSE CVE-2025-4382
A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlyi...
SUSE CVE-2022-48913
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix use after free for struct blktrace When tracing the whole disk, 'dropped' and 'msg' will be created under 'q-debugfsdir' and 'bt-dir' is NULL, thus blktracefree won't remove those files. What's worse, the following...
CVE-2024-3082
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers e.g., full-disk encryption have been enabled...
PT-2024-23625 · Plug&Track +1 · Sensor Net Connect V2 +2
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows an attacker with physical access to the machine to retrieve the administrative account password in cleartext, unless specific security measures such as full-disk encryptio...
User Profiles are Created on StoreFront Servers
StoreFront stops working from a full disk or a hard drive that is out of space. User Profiles are created on the Receiver StoreFront server for users of either Receiver for Web or Receiver clients...