71 matches found
CVE-2026-35228
Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects component: helper tool. The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server...
CVE-2026-35228
Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects component: helper tool. The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server...
CVE-2026-35228
Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects component: helper tool. The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server...
CVE-2026-35228
CVE-2026-35228 affects Oracle MCP Server Helper Tool (Oracle Open Source Projects) with vulnerable versions 1.0.1–1.0.156. An unauthenticated attacker can reach the server over HTTP and, according to the description, could cause the tool to execute malicious SQL. The Connected documents provide t...
Oracle MCP Server Helper Tool SQL注入漏洞
The Oracle MCP Server Helper Tool is a server assistance tool developed by Oracle Corporation. Versions 1.0.1 to 1.0.156 of the Oracle MCP Server Helper Tool contain SQL injection vulnerabilities. These vulnerabilities stem from issues with the helper tool component, allowing unauthenticated...
PT-2026-36964
Name of the Vulnerable Software and Affected Versions Oracle MCP Server Helper Tool versions 1.0.1 through 1.0.156 Description An unauthenticated attacker with network access via HTTP can compromise the Oracle MCP Server Helper Tool. This issue allows the execution of malicious SQL, a technique...
📄 Vienna Assistant 1.2.542 macOS Privilege Escalation
A macOS helper service interface implemented via NSXPC was observed exposing methods that may allow privileged operations such as file writing and command execution through a remote proxy connection...
CVE-2026-24068 Missing XPC Client & NSXPC endpoint validation leads to privilege escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library
The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can...
CVE-2026-24068
The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can...
PT-2026-28337
Name of the Vulnerable Software and Affected Versions Vienna Assistant affected versions not specified Description The Vienna Assistant privileged helper utilizes NSXPC for Inter-Process Communication IPC. The implementation of the shouldAcceptNewConnection function, used by the NSXPC framework t...
Exploit for CVE-2024-11467
CVE-2024-11467 The macOS operating system uses XPC services f...
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
CVE-2025-65843
Aquarius Desktop 3.0.069 for macOS contains an insecure file handling vulnerability in its support data archive generation feature. The application follows symbolic links placed inside the /Library/Logs/Aquarius directory and treats them as regular files. When building the support ZIP, Aquarius...
EUVD-2025-200251
A weakness has been identified in Yohann0617 oci-helper up to 3.2.4. This issue affects the function addCfg of the file src/main/java/com/yohann/ocihelper/service/impl/OciServiceImpl.java of the component OCI Configuration Upload. Executing manipulation of the argument File can lead to path...
EUVD-2018-15838
Malware in sbrugna...
EUVD-2018-19222
Malware in sbrugna...
EUVD-2019-4586
Malware in sbrugna...
EUVD-2018-20349
Malware in sbrugna...
EUVD-2024-54672
Malicious code in bioql PyPI...