EUVD-2024-54674

Malicious code in bioql PyPI...

CVE-2024-7457

The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of macOS’s authorization model. Instead of validating the client's authorization reference, the helper invokes AuthorizationCopyRights using its own privileged context root, effectively authorizing itself...

CVE-2024-7457 macOS Stash network-management utility: Unauthorized Manipulation of System Network Preferences

The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of macOS’s authorization model. Instead of validating the client's authorization reference, the helper invokes AuthorizationCopyRights using its own privileged context root, effectively authorizing itself...

CVE-2024-7457 macOS Stash network-management utility: Unauthorized Manipulation of System Network Preferences

The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of macOS’s authorization model. Instead of validating the client's authorization reference, the helper invokes AuthorizationCopyRights using its own privileged context root, effectively authorizing itself...

CVE-2024-7457

The CVE-2024-7457 entry concerns ws.stash.app.mac.daemon.helper on macOS. Affected component is the ws.stash.app.mac.daemon.helper, which improperly uses macOS AuthorizationCopyRights() with its own privileged context (root) instead of validating the client’s authorization reference. This allows ...

PT-2025-25165 · Unknown · Ws.Stash.App.Mac.Daemon.Helper

Name of the Vulnerable Software and Affected Versions: ws.stash.app.mac.daemon.helper affected versions not specified Description: The issue is caused by an incorrect use of macOS’s authorization model in the ws.stash.app.mac.daemon.helper tool. Instead of validating the client's authorization...

Endian Firewall 3.3.0 Cross Site Scripting

Exploit Title: Endian Firewall cross-site scripting XSS Date: 08/22/2019 Exploit Authors: Milad Soltanian + G0dfather @irpwn Vendor Homepage: https://www.endian.com Version : 3.3.0 An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

CVE-2008-2312

Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file...

CVE-2008-2312

Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file...

CVE-2008-2312

CVE-2008-2312 affects Apple Mac OS X 10.4.11: Network Preferences stores PPP passwords in cleartext in a world-readable file, allowing local users to read sensitive credentials. Root cause: credentials stored insecurely. Impact: confidentiality of PPP passwords isCOMPLETE; exploitation is local. ...

Design/Logic Flaw

Network Preferences in Apple Mac OS X 10.4.11 stores PPP passwords in cleartext in a world-readable file, which allows local users to obtain sensitive information by reading this file...

Apple Airport Extreme fails to properly process 802.11 frames

Overview A vulnerability exists in the Apple AirPort Extreme wireless driver that may allow an attacker to crash a vulnerable system. Description The Apple AirPort Extreme adapter is an 802.11g compatible wireless adapter used in Apple OS X laptops and desktops. A flaw exists in the way AirPort...