Lucene search
K

32960 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/11 6:2 p.m.3 views

CVE-2026-0230

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...

6.7CVSS5.8AI score0.00144EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.6 views

PT-2026-24754

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection...

6.7CVSS5.8AI score0.00144EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.7 views

Palo Alto Networks Cortex XDR Broker VM 安全漏洞

Palo Alto Networks Cortex XDR Broker VM is a secure virtual machine developed by Palo Alto Networks. It integrates with Cortex XDR and can bridge networks with Cortex XDR. There is a security vulnerability in the Palo Alto Networks Cortex XDR agent. This vulnerability stems from issues with the...

6.7CVSS5.8AI score0.00144EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/10 12:0 a.m.5 views

Apple macOS ImageIO SGI File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS6.2AI score0.00249EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/10 12:0 a.m.6 views

Apple macOS ImageIO SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS5.2AI score0.00237EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/10 12:0 a.m.3 views

Apple macOS libusd_ms Alembic File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must receive a malicious file that is written to the local filesystem. The specific flaw exists within the...

7.8CVSS6.2AI score0.0054EPSS
Exploits0References1
Adobe
Adobe
added 2026/03/10 12:0 a.m.95 views

APSB26-26 : Security update available for Adobe Acrobat Reader

Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and privilege escalation...

6.3AI score
Exploits0Affected Software3
Adobe
Adobe
added 2026/03/10 12:0 a.m.17 views

APSB26-30 : Security update available for Adobe DNG SDK

Adobe has released an update for the Adobe DNG Software Development Kit SDK for Windows and macOS. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and application denial-of-service...

6.3AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

Adobe Acrobat < 24.001.30356 / 25.001.21288 Multiple Vulnerabilities (APSB26-26) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 24.001.30356 or 25.001.21288. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability...

7.8CVSS6.4AI score0.00352EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.2 views

Adobe Premiere Pro < 25.6 Arbitrary code execution (APSB26-28) (macOS)

The version of Adobe Premiere Pro installed on the remote macOS host is prior to 25.6. It is, therefore, affected by a vulnerability as referenced in the APSB26-28 advisory. - Out-of-bounds Read CWE-125 potentially leading to Arbitrary code execution CVE-2026-27269 Note that Nessus has not tested...

7.8CVSS6.2AI score0.00159EPSS
Exploits0References2
Apple
Apple
added 2026/03/10 12:0 a.m.17 views

Apple Security Update: macOS Tahoe 26.3.2

Apple recommends to install security update macOS Tahoe 26.3.2 on devices MacBook Neo...

5.8AI score
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/09 7:52 p.m.4 views

GHSA-RCHV-X836-W7XP OpenClaw's dashboard leaked gateway auth material via browser URL/query and localStorage

OpenClaw's macOS Dashboard flow exposed Gateway authentication material to browser-controlled surfaces. Before the fix, the macOS app appended the shared Gateway token and password to the Dashboard URL query string when opening the Control UI in the browser. The Control UI then imported the token...

7.1CVSS5.8AI score
Exploits0References4
HackRead
HackRead
added 2026/03/09 5:31 p.m.12 views

Fake CleanMyMac Site Uses ClickFix Trick to Install SHub Stealer on macOS

Researchers warn of a fake CleanMyMac site using a ClickFix attack to install SHub Stealer on macOS and steal passwords and crypto wallets...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.3 views

CVE-2026-30798

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop, strategy processing modules allows Protocol Manipulation. This vulnerability is...

8.2CVSS5.8AI score0.00288EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.6 views

CVE-2026-30791

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...

8.7CVSS5.8AI score0.0024EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.6 views

CVE-2026-30785

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution', Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbbcommon on Windows, MacOS, Linux Password security module, config encryption, machine U...

8.2CVSS5.8AI score0.00083EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.7 views

CVE-2026-30783

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Client signaling, API sync loop, config management modules allows Privilege Abuse. This vulnerability is associated with program files src/rendezvousmediator.Rs, src/hbbshttp/sync....

9.8CVSS5.8AI score0.00376EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:45 p.m.6 views

CVE-2026-30792

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Strategy sync, HTTP API client, config options engine modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...

9.1CVSS5.8AI score0.00265EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/06 2:37 p.m.6 views

CVE-2026-3598

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...

8.7CVSS5.8AI score0.00226EPSS
Exploits1References1
Malwarebytes
Malwarebytes
added 2026/03/06 8:44 a.m.34 views

Fake CleanMyMac site installs SHub Stealer and backdoors crypto wallets

A convincing fake version of the popular Mac utility CleanMyMac is tricking users into installing malware. The site instructs visitors to paste a command into Terminal. If they do, it installs SHub Stealer, macOS malware designed to steal sensitive data including saved passwords, browser data,...

5.7AI score
Exploits0
Rows per page
Query Builder