13 matches found
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
EUVD-2025-4302
Malicious code in bioql PyPI...
EUVD-2024-32754
Malicious code in bioql PyPI...
CVE-2024-6097
In Progress® Telerik® Reporting versions prior to 2025 Q1 19.0.25.211, information disclosure is possible by a local threat actor through an absolute path vulnerability...
CVE-2024-6097
In Progress® Telerik® Reporting versions prior to 2025 Q1 19.0.25.211, information disclosure is possible by a local threat actor through an absolute path vulnerability...
CVE-2024-6097 Absolute Path Traversal Vulnerability
In Progress® Telerik® Reporting versions prior to 2025 Q1 19.0.25.211, information disclosure is possible by a local threat actor through an absolute path vulnerability...
CVE-2024-6097 Absolute Path Traversal Vulnerability
In Progress® Telerik® Reporting versions prior to 2025 Q1 19.0.25.211, information disclosure is possible by a local threat actor through an absolute path vulnerability...
CVE-2024-1801
In Progress® Telerik® Reporting versions prior to 2024 Q1 18.0.24.130, a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability...
CVE-2024-10945
The CVE-2024-10945 entry maps to Rockwell Automation FactoryTalk Updater Agent privilege escalation. The vulnerability stems from a failure to perform proper security checks before installation, enabling a local, low-privileged attacker to replace certain files during an update. Affected software...
CVE-2024-4200
In Progress® Telerik® Reporting versions prior to 2024 Q2 18.1.24.2.514, a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability...
CVE-2024-4200
Progress Telerik Reporting (prior to 2024 Q2; 18.1.24.2.514) is affected by an insecure deserialization vulnerability that can lead to code execution by a local attacker. The issue affects the remote Windows host running the product, with the root cause being insecure deserialization in the appli...
CVE-2024-1801
In Progress® Telerik® Reporting versions prior to 2024 Q1 18.0.24.130, a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability...
CVE-2024-1801 Progress Telerik Reporting Local Deserialization Vulnerability
In Progress® Telerik® Reporting versions prior to 2024 Q1 18.0.24.130, a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability...