Mozilla Firefox < 151.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 151.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-46 advisory. - Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs...

Mozilla Firefox ESR < 115.36

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.36. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-47 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefo...

Wireshark 2.0.x < 2.0.4 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.4 advisory. - epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the...

Mozilla Thunderbird < 150.0.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 150.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-38 advisory. - Information disclosure due to incorrect boundary conditions in the Audio/Video component. This...

Mozilla Thunderbird < 150.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 150.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-33 advisory. - Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerabili...

VMware Fusion 13.x, 25H2 < 25H2u1 Improper Restriction of Communication Channel to Intended Endpoints (VMSA-2026-0002)

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 13.x, 25H2 prior to 25H2u1. It is, therefore, affected by a vulnerability. - VMWare Workstation and Fusion contain a logic flaw in the management of network packets. A malicious actor with administrative privileges on ...

CVE-2026-31993

OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...

Improper Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Authorization in the system.run due to a parsing mismatch in allowlist checks for shell-chain payloads. An attacker can execute unauthorized shell commands on a paired macOS host...

Microsoft Windows App < 11.3.2 Local Privilege Escalation (CVE-2026-21517)

The version of Microsoft Windows App installed on the remote macOS host is prior to 11.3.2. It is, therefore, affected by a local privilege escalation vulnerability: - Improper link resolution before file access 'link following' in Windows App for Mac allows an authorized attacker to elevate...

Mozilla Firefox ESR < 115.32

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.32. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-02 advisory. - Use-after-free in the IPC component. This vulnerability affects Firefox 147, Firefox ESR 115.32, Firefo...

Mozilla Thunderbird < 10.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 10.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2012-06 advisory. - Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize...

Mozilla Firefox < 85.0.1

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 85.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-06 advisory. - In the Angle graphics library, depth pitch computations did not take into account the block size and simply multipli...

Mozilla Thunderbird < 52.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-13 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex...

Mozilla Firefox < 53.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 53.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-10 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 ...

Google Chrome < 138.0.7204.183 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 138.0.7204.183. It is, therefore, affected by a vulnerability as referenced in the 202507stable-channel-update-for-desktop29 advisory. - Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a...

Google Chrome < 138.0.7204.168 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 138.0.7204.168. It is, therefore, affected by multiple vulnerabilities as referenced in the 202507stable-channel-update-for-desktop22 advisory. - Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a...

Google Chrome < 138.0.7204.92 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 138.0.7204.92. It is, therefore, affected by a vulnerability as referenced in the 202506stable-channel-update-for-desktop30 advisory. - Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacke...

Google Chrome < 137.0.7151.55 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 137.0.7151.55. It is, therefore, affected by multiple vulnerabilities as referenced in the 202505stable-channel-update-for-desktop27 advisory. - Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a...

CVE-2020-14711

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle...

Google Chrome < 136.0.7103.113 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 136.0.7103.113. It is, therefore, affected by multiple vulnerabilities as referenced in the 202505stable-channel-update-for-desktop14 advisory. - Chromium/Google Chrome is vulnerable to insufficient policy enforcement in...