5 matches found
CVE-2023-45846
Incomplete cleanup in IntelR Power Gadget software for macOS all versions may allow an authenticated user to potentially enable denial of service via local access...
CVE-2025-4081
Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and library load constraints allows to substitute a legitimate dylib with malicious one. A local attacker with unprivileged access can execute the application with altered dynamic library successfully bypassi...
CVE-2024-12786 X1a0He Adobe Downloader XPC Service com.x1a0he.macOS.Adobe-Downloader.helper shouldAcceptNewConnection privileges management
A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege...
CVE-2023-45846
Incomplete cleanup in IntelR Power Gadget software for macOS all versions may allow an authenticated user to potentially enable denial of service via local access...
CVE-2002-0676
SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates...