Lucene search
K

34 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.10 views

CVE-2026-24064

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

7.8CVSS6.2AI score0.00151EPSS
Exploits1References1
NVD
NVD
added 2026/06/09 4:16 p.m.13 views

CVE-2026-24064

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

7.8CVSS0.00151EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/09 2:47 p.m.8 views

CVE-2026-24064 Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

6.2AI score0.00151EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/03 12:0 a.m.3 views

CVE-2025-55076

A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...

7.4AI score0.00183EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/03 12:0 a.m.5 views

Plugin Alliance Installation Manager 安全漏洞

Plugin Alliance Installation Manager is a plugin manager from Plugin Alliance USA. A security vulnerability exists in Plugin Alliance Installation Manager version v1.4.0, which stems from a missing hardened runtime and RESTRICT segments in the Plugin Alliance InstallationHelper service on macOS,...

6.2CVSS6.2AI score0.00164EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/03 12:0 a.m.17 views

CVE-2025-55076

A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...

0.00183EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2025/04/23 12:0 a.m.12 views

(0Day) Cato Networks Cato Client for macOS Helper Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Cato Networks Cato Client for macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS7.5AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/16 12:0 a.m.4 views

The vulnerability of the Windows operating system’s IP Helper service allows a perpetrator to trigger a service failure.

The vulnerability of the Windows operating system’s IP Helper service is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS7.8AI score0.02498EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/03/24 12:0 a.m.17 views

(0Day) Electronic Arts Origin Web Helper Service Link Following Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Electronic Arts Origin. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Web Helpe...

7.8CVSS5.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2019/11/13 12:0 a.m.35 views

Microsoft Windows IP Helper Service Hard Link Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

5.3CVSS3.4AI score0.02076EPSS
Exploits0References1
NVD
NVD
added 2019/10/24 4:15 p.m.31 views

CVE-2019-5013

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this...

7.8CVSS7.4AI score0.00597EPSS
Exploits0References1
Prion
Prion
added 2019/10/24 4:15 p.m.17 views

Privilege escalation

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise the...

7.2CVSS7.8AI score0.0053EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/24 3:17 p.m.29 views

CVE-2019-5012

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise the...

7.8CVSS7.8AI score0.0053EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/24 3:17 p.m.35 views

CVE-2019-5013

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this...

7.1CVSS7.8AI score0.00597EPSS
Exploits0References1
OSV
OSV
added 2019/04/17 3:29 p.m.4 views

CVE-2018-4005

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the configureRoutingWithCommand function. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a successful...

7.8CVSS5.8AI score0.0068EPSS
Exploits1References1
NVD
NVD
added 2019/04/17 3:29 p.m.27 views

CVE-2018-4004

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...

7.1CVSS6.1AI score0.00376EPSS
Exploits1References1
NVD
NVD
added 2019/04/17 3:29 p.m.13 views

CVE-2018-4006

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the writeConfig functionality. A non-root user is able to write a file anywhere on the system. A user with local access can use this vulnerability to raise their privileges to root. An attacker wou...

9.3CVSS8.1AI score0.0068EPSS
Exploits1References1
CVE
CVE
added 2019/04/17 2:15 p.m.62 views

CVE-2018-4004

CVE-2018-4004 is a privilege-escalation vulnerability in the Shimo VPN helper service, specifically the disconnectService function, on macOS Shimo VPN 4.1.5.1. A non-root local user can terminate a privileged process by supplying a targeted PID, enabling privilege escalation. The issue arises fro...

7.1CVSS5.7AI score0.00376EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/04/17 12:0 a.m.4 views

PT-2019-10747 · Feingeist Software Gmbh · Shimo Vpn

Name of the Vulnerable Software and Affected Versions: Shimo VPN version 4.1.5.1 Description: A privilege escalation issue exists in the helper service of Shimo VPN, specifically in the deleteConfig functionality, allowing the program to delete any protected file on the system. An attacker would...

9CVSS8AI score0.00386EPSS
Exploits1References3
Talos
Talos
added 2019/04/15 12:0 a.m.107 views

Shimo VPN helper tool writeConfig privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the writeConfig functionality. A non-root user is able to write a file anywhere on the system. A user with local access can use this vulnerability to raise their privileges to root. An...

9.3CVSS8AI score0.0068EPSS
Exploits1
Rows per page
Query Builder