CVE-2026-6891

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have...

electerm: electerm_install_script_CommandInjection Vulnerability Report

Impact What kind of vulnerability is it? Who is impacted? Command Injection vulnerabilities in electerm: A command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an exec"open...

CVE-2025-30662

The CVE-2025-30662 issue is a symlink-following flaw in the macOS installer for Zoom Workplace VDI Plugin, affecting Universal installers prior to 6.3.14, 6.4.14, and 6.5.10. The root cause is symlink following during installation, which could allow an authenticated user to disclose information v...

The vulnerability of the VMware Carbon Black Cloud for MacOS installer relates to memory object processing errors, which allows an attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the VMware Carbon Black Cloud for MacOS installer is related to errors in memory object processing. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

MS15-080: Description of the security update for Silverlight 5: August 11, 2015

MS15-080: Description of the security update for Silverlight 5: August 11, 2015 Summary This security update resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight. These vulnerabilities could allow remote code execution if a user opens a specially crafted document or...