CVE-2018-4034

The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root...

CVE-2018-4035

The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root...

Privilege escalation

The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root...

CVE-2018-4034

The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root...

CVE-2018-4043

An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful...

CVE-2018-4042

CVE-2018-4042 affects CleanMyMac X 4.04. The vulnerability is in the helper service’s removeLaunchdAgentAtPath function, where there is no validation of the calling application, allowing a local attacker to run as root and modify/delete root-owned files. The advisory notes this is addressed by up...

CVE-2018-4041

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

CVE-2018-4042

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

CVE-2018-4044

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

CVE-2018-4045

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

CVE-2018-4047

An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root...

Amazon Linux 2 : zziplib (ALAS-2019-1142)

An improper input validation was found in function zzipfetchdisktrailer of ZZIPlib, up to 0.13.68, that could lead to a crash in zzipparserootdirectory function of zzip/ip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.CVE-2018-7726 A...

McAfee Web Gateway Improper Input Validation Vulnerability

McAfee Web Gateway MWG is a security gateway product from McAfee USA. The product provides threat protection, application control, and data loss prevention. An improper input validation vulnerability exists in the proxy component of McAfee Web Gateway 7.8.2.0 and later. A remote attacker could...

CVE-2019-3581

Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter...

CVE-2019-3581 McAfee Web Gateway denial of service attack due to Improper Input Validation

Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter...

PHP 7.1.x < 7.1.7 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.7. It is, therefore, affected by the following vulnerabilities : - An out-of-bounds read error exists in the GD Graphics Library LibGD in the gdImageCreateFromGifCtx function within file gdgifin.c...

Siemens SIMATIC S7-300 CPU

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Siemens Equipment : SIMATIC S7-300 CPU Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed, resulting...

Low: zziplib

Issue Overview: An improper input validation was found in function zzipfetchdisktrailer of ZZIPlib, up to 0.13.68, that could lead to a crash in zzipparserootdirectory function of zzip/ip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip...

Schneider Electric Pro-face GP-Pro EX

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Pro-face GP-Pro EX Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify code to...

Clean My Mac X removeLaunchdAgentAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...