Lucene search
K

24 matches found

Cvelist
Cvelist
โ€ขadded 2026/07/06 7:41 p.m.โ€ข36 views

CVE-2026-14898

The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image U...

0.00221EPSS
Exploits0References1
CVE
CVE
โ€ขadded 2026/07/06 7:41 p.m.โ€ข16 views

CVE-2026-14898

The CVE affects the OpenAI Codex desktop app for macOS, where rendering remote images from Markdown in model responses can exfiltrate data. An indirect prompt injection in content (e.g., from connected tools or untrusted sources) could cause the model to construct a remote image URL containing se...

6.5CVSS6.1AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
โ€ขadded 2026/01/09 8:34 a.m.โ€ข9 views

CVE-2024-41138

A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams work or school 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject...

9.8CVSS6.8AI score0.00899EPSS
Exploits1References1
RedhatCVE
RedhatCVE
โ€ขadded 2026/01/07 9:27 a.m.โ€ข5 views

CVE-2019-12137

Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note...

7.8CVSS6.9AI score0.06451EPSS
Exploits5References1
EUVD
EUVD
โ€ขadded 2025/10/07 12:30 a.m.โ€ข4 views

EUVD-2021-27023

Malware in sbrugna...

8.8CVSS8.1AI score0.00238EPSS
Exploits0References2
EUVD
EUVD
โ€ขadded 2025/10/07 12:30 a.m.โ€ข5 views

EUVD-2017-8960

Malware in sbrugna...

7.8CVSS7.7AI score0.00796EPSS
Exploits0References2
EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข6 views

EUVD-2023-32662

Malicious code in bioql PyPI...

7.8CVSS8.1AI score0.04373EPSS
Exploits1References7
EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข7 views

EUVD-2024-54673

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00181EPSS
Exploits0References3
EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข3 views

EUVD-2024-49970

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00134EPSS
Exploits0References1
NVD
NVD
โ€ขadded 2025/09/24 1:15 p.m.โ€ข2 views

CVE-2025-10906

A flaw has been found in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the function loadModuleNamed:WithReply of the file /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper of the component NSXPC Interface. Executing manipulation can...

8.6CVSS0.00224EPSS
Exploits0References5
CVE
CVE
โ€ขadded 2025/06/12 11:22 p.m.โ€ข101 views

CVE-2025-4232

CVE-2025-4232 (Palo Alto Networks GlobalProtect on macOS) is an privilege-escalation flaw in the log collection feature caused by improper neutralization of wildcards. The issue affects GlobalProtect app versions on macOS prior to 6.2.8-h2 (and 6.3.x prior to 6.3.3 per Nessus plugin) and can allo...

8.8CVSS6.6AI score0.00426EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 5:31 a.m.โ€ข11 views

CVE-2023-29059

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX...

7.8CVSS7AI score0.04373EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
โ€ขadded 2025/04/02 12:0 a.m.โ€ข4 views

Sand Studio AirDroid Installed (macOS)

Binary data airdroidmacinstalled.nbin...

7.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
โ€ขadded 2025/03/26 3:23 p.m.โ€ข15 views

CVE-2025-2098 Dylib Hijacking in Fast CAD Reader

Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...

8.4CVSS7.3AI score0.00164EPSS
Exploits0References2
NVD
NVD
โ€ขadded 2025/02/28 9:15 a.m.โ€ข11 views

CVE-2025-1413

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS0.00195EPSS
Exploits0References3
CVE
CVE
โ€ขadded 2025/01/17 8:10 p.m.โ€ข78 views

CVE-2025-21606

CVE-2025-21606 affects the macOS Stats application. The vulnerable component is the Mach service eu.exelban.Stats.SMC.Helper, exposed via XPC. The root cause is shouldAcceptNewConnection unconditionally returning YES, allowing any XPC client to connect and invoke privileged methods on the HelperT...

8.7CVSS7.8AI score0.00261EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
โ€ขadded 2024/11/12 12:0 a.m.โ€ข16 views

Adobe Bridge < 14.1.3 Multiple Vulnerabilities (APSB24-77)

The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 14.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-77 advisory. - Out-of-bounds Read CWE-125 potentially leading to Memory leak CVE-2024-45147 - NULL Pointer Dereference...

5.5CVSS5.6AI score0.00258EPSS
Exploits0References3
Cvelist
Cvelist
โ€ขadded 2023/03/30 12:0 a.m.โ€ข44 views

CVE-2023-29059

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX...

7.7AI score0.04373EPSS
Exploits1References6
Vulnrichment
Vulnrichment
โ€ขadded 2023/03/30 12:0 a.m.โ€ข12 views

CVE-2023-29059

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX...

7.7AI score0.04373EPSS
Exploits1References6
CNVD
CNVD
โ€ขadded 2021/05/20 12:0 a.m.โ€ข8 views

Telegram Stack Overflow Vulnerability (CNVD-2021-38308)

Telegram is an instant messaging mobile application. A stack overflow vulnerability exists in the custom derived graysplitcubic function of the Rlottie library for Telegram Android version prior to 7.1.0 2090, iOS version prior to 7.1, and macOS version prior to 7.1. An attacker can exploit this...

7.1CVSS6.7AI score0.01101EPSS
Exploits1References1
Rows per page
Query Builder