CVE-2026-24070

During the installation of the Native Access application, a privileged helper com.native-instruments.NativeAccess.Helper2, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC servi...

CVE-2026-24071 XPC Client Validation via PID leading to Local Privilege Escalation in Native Instruments Native Access

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

CVE-2026-24070

CVE-2026-24070 describes a local privilege escalation in Native Instruments Native Access. The installer deploys a privileged helper (com.native-instruments.NativeAccess.Helper2) used via XPC to perform actions like copy-file, remove, or set-permissions. The XPC service restricts access to client...

Native Instruments Native Access 安全漏洞

Native Instruments Native Access is a one-stop device management center provided by the German company Native Instruments. There is a security vulnerability in Native Instruments Native Access, which stems from the application having permission to allow DYLIB injection, potentially leading to...

Native Instruments Native Access 安全漏洞

Native Instruments Native Access is a one-stop device management center provided by the German company Native Instruments. There is a security vulnerability in Native Instruments Native Access. This vulnerability stems from the Privilege Assistant XPC service using client PID for verifying code...

PT-2026-5657

Name of the Vulnerable Software and Affected Versions Native Instruments Native Access affected versions not specified Description The Native Access application installs a privileged helper, com.native-instruments.NativeAccess.Helper2, used for triggering functions via XPC communication, such as...

EUVD-2011-0727

Malware in sbrugna...

Denial Of Service (DoS)

The kernel is vulnerable to denial of service DoS. It is due to buffer overflow flaws in sndusbcaiaqaudioinit and sndusbcaiaqmidiinit could allow a local, unprivileged user with access to a Native Instruments USB audio device to cause a denial of service or escalate their privileges...

Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability

No description provided by source. !/usr/local/bin/perl Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 1.2.6.8491 Standalone Summary: TRAKTOR PRO is the new...

Native Instruments Reaktor 5 Player 5.5.1 - Heap Memory Corruption Vulnerability

No description provided by source. Native Instruments Reaktor 5 Player v5.5.1 Heap Memory Corruption Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 5.5.1 R10584 or 5.5.1.10584 Tested on: Microsoft Windows XP Professional SP3...

Native Instruments Kontakt 4 Player NKI File Syntactic Analysis Buffer Overflow PoC

No description provided by source. / Title: Native Instruments Kontakt 4 Player NKI File Syntactic Analysis Buffer Overflow PoC Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 4.1.3.4125 Standalone Summary: KONTAKT 4 PLAYER is the free sample...

Native Instruments Service Center 2.2.5 - Local Privilege Escalation Vulnerability

No description provided by source. Native Instruments Service Center 2.2.5 Local Privilege Escalation Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 2.2.5 R596 Summary: The NI Service Center is a service used for Product...

Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability

No description provided by source. !/usr/bin/perl Title: Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 1.1.4 R1901 Summary: MASSIVE is a sonic monster ? the...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2015)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2015 advisory. - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set CVE-2011-1573 - dccp: fix oops on Reset after close CVE-2011-1093 - bridge:...

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1146-1)

Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAPNETADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. CVE-2010-4655 Kees Cook discovered that the IOWarrior USB device driver did n...

Ubuntu 10.04 LTS : linux, linux-ec2 vulnerabilities (USN-1141-1)

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

USN-1146-1: Linux kernel vulnerabilities

Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAPNETADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. CVE-2010-4655 Kees Cook discovered that the IOWarrior USB device driver did n...

[USN-1141-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-1141-1 May 31, 2011 linux, linux-ec2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

CVE-2011-0712

Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to 1 the sndusbcaiaqaudioinit...

CVE-2011-0712

Technical details about CVE-2011-0712 are not publicly provided in the supplied documents. Monitor for updates in connected advisories; no confirmed affected products, versions, or fixes are stated here.