Lucene search
K

855 matches found

redhatcve
redhatcve
added 2026/03/28 11:9 p.m.3 views

CVE-2026-33874

Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik...

7.8CVSS6.1AI score0.00282EPSS
Exploits0References1
cve
cve
added 2026/03/19 10:6 p.m.9 views

CVE-2026-32016

OpenClaw on macOS versions prior to 2026.2.22 contains a path validation bypass in the exec-approval allowlist mode. This allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries, enabling same-name local binaries (e.g., ./echo) to run without approval...

7.8CVSS5.9AI score0.00122EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2026/03/12 12:0 a.m.5 views

Google Chrome < 146.0.7680.75 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.75. It is, therefore, affected by a vulnerability as referenced in the 202603stable-channel-update-for-desktop12 advisory. - Inappropriate implementation in V8. CVE-2026-3910 Note that Nessus has not tested for...

8.8CVSS6.2AI score0.02EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/03/11 12:0 a.m.9 views

Palo Alto Networks Cortex XDR Broker VM 安全漏洞

Palo Alto Networks Cortex XDR Broker VM is a secure virtual machine developed by Palo Alto Networks. It integrates with Cortex XDR and can bridge networks with Cortex XDR. There is a security vulnerability in the Palo Alto Networks Cortex XDR agent. This vulnerability stems from issues with the...

6.7CVSS5.8AI score0.00144EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/03/06 12:0 a.m.7 views

Acronis Cyber Protect和Acronis Cyber Protect Cloud Agent 安全漏洞

Acronis Cyber Protect and Acronis Cyber Protect Cloud Agent are both products of Swiss company Acronis. Acronis Cyber Protect is an integrated network protection solution for businesses and enterprises. It combines features such as backup, anti-malware, network security, and endpoint management...

7.8CVSS7.1AI score0.00105EPSS
Exploits0References1
susecve
susecve
added 2026/03/04 12:28 a.m.4 views

SUSE CVE-2026-24051

OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking Untrusted Search Paths on macOS/Darwin systems. The resource detection code in sdk/resource/hostid.go executes the ioreg system command using a search pat...

7CVSS6AI score0.00157EPSS
Exploits0References4
debiancve
debiancve
added 2026/02/24 2:32 p.m.7 views

CVE-2026-3102

A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command injection. The attack is possible to be...

8.8CVSS6.3AI score0.03411EPSS
Exploits2
nvd
nvd
added 2026/02/17 10:18 p.m.7 views

CVE-2026-2629

A weakness has been identified in jishi node-sonos-http-api up to 3776f0ee2261c924c7b7204de121a38100a08ca7. Affected is the function Promise of the file lib/tts-providers/mac-os.js of the component TTS Provider. This manipulation of the argument phrase causes os command injection. It is possible ...

7.5CVSS0.01693EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/02/11 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.3 and earlier contained a security vulnerability caused by improper handling of temporary files, which could allow applications to access sensitive user data...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
nessus
nessus
added 2026/02/10 12:0 a.m.4 views

Adobe Lightroom Classic < 15.1.1 Arbitrary code execution (APSB26-06) (macOS)

The version of Adobe Lightroom Classic installed on the remote macOS host is prior to 15.1.1. It is, therefore, affected by a vulnerability as referenced in the APSB26-06 advisory. - Out-of-bounds Write CWE-787 potentially leading to Arbitrary code execution CVE-2026-21349 Note that Nessus has no...

7.8CVSS6.2AI score0.00139EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/02/03 3:18 p.m.27 views

CVE-2026-24070

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

8.8CVSS5.8AI score0.00213EPSS
Exploits1References1
nessus
nessus
added 2026/01/14 12:0 a.m.3 views

Mozilla Firefox < 147.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 147.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-01 advisory. - Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory...

10CVSS7.5AI score0.0057EPSS
Exploits1References17
redhatcve
redhatcve
added 2026/01/09 11:56 a.m.8 views

CVE-2018-4285

A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6...

9.3CVSS6.1AI score0.00796EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:56 a.m.10 views

CVE-2018-4403

This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1...

5.5CVSS6.4AI score0.00688EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:55 a.m.6 views

CVE-2018-4289

An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6...

7.1CVSS6AI score0.00796EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:36 a.m.8 views

CVE-2021-41388

Netskope client prior to 89.x on macOS is impacted by a local privilege escalation vulnerability. The XPC implementation of nsAuxiliarySvc process does not perform validation on new connections before accepting the connection. Thus any low privileged user can connect and call external methods...

7.8CVSS6.8AI score0.00228EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:50 a.m.6 views

CVE-2020-24559

A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as roo...

7.8CVSS7.7AI score0.00787EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:2 a.m.8 views

CVE-2023-25133

Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote...

9.8CVSS7.7AI score0.01034EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/07 9:48 a.m.7 views

CVE-2022-27904

Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use TOCTOU race-condition attack during the agent install process...

7CVSS6.8AI score0.00165EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16519

ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled tasks...

7.8CVSS7.1AI score0.00302EPSS
Exploits0References1
Rows per page
Query Builder