24 matches found
PT-2021-6626 · Adobe · Adobe Creative Cloud Desktop Application
Name of the Vulnerable Software and Affected Versions: Adobe Creative Cloud Desktop Application for macOS version 5.3 and earlier Description: The issue is related to insufficient input validation in the Adobe Creative Cloud Desktop Application, which could allow an attacker to escalate privilege...
Safari Type Confusion / Sandbox Escape Exploit
This Metasploit module exploits an incorrect side-effect modeling of the 'in' operator. The DFG compiler assumes that the 'in' operator is side-effect free, however the embed element with the PDF plugin provides a callback that can trigger side-effects leading to type confusion CVE-2020-9850. The...
Docker Desktop Elevation of Privilege Vulnerability
Docker Desktop is an application for MacOS and Windows computers for building and sharing containerized applications and microservices. An elevation of privilege vulnerability exists in com.docker.vmnetd in Docker Desktop 2.3.0.3. The vulnerability stems from a lack of client-side authentication...
Murus 1.4.11 - Local Privilege Escalation
Murus 1.4.11 - Local Privilege Escalation I recently blogged about the prevalence of escalation hijack vulnerabilities amongst macOS applications. One example of this is the latest version of Murus firewall. By design it requires the user to authenticate every time in order to obtain the access i...