EUVD-2026-24209

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to impersonate an apple...

PT-2026-34037

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to impersonate an apple...

CVE-2026-40191

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.4-beta-1f46165, ClearanceKit's Endpoint Security event handler only checked the source path of dual-path file operations against File Access Authorization FAA rules and App Jail...

PT-2026-32041

Name of the Vulnerable Software and Affected Versions ClearanceKit versions prior to 5.0.4-beta-1f46165 Description ClearanceKit monitors file system access on macOS and applies access policies per process. Before version 5.0.4-beta-1f46165, the Endpoint Security event handler only verified the...

CVE-2026-34218

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

PT-2026-29276

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

EUVD-2026-16373

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...

CVE-2025-59390

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a crypto-graphically secure random number generator...

EUVD-2025-199714

Apache Druid’s Kerberos authenticator uses a weak fallback secret...

CVE-2025-61770

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser buffers the entire multipart preamble bytes before the first boundary in memory without any size limit. A client can send a large preamble followed by a valid boundary, causing...

PT-2025-41012

Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.19 Rack versions prior to 3.1.17 Rack versions prior to 3.2.2 Description Rack is a modular Ruby web server interface. The Rack::Multipart::Parser component does not limit the size of the multipart preamble,...

PT-2024-31700 · Cursor · Cursor

Name of the Vulnerable Software and Affected Versions: Cursor versions prior to 0.41.0 Description: The issue affects Cursor, an artificial intelligence code editor, on macOS. If a user has granted Cursor access to the camera or microphone, any program run on the machine can access these devices...

CVE-2018-5743

A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone...

bind: Limiting simultaneous TCP clients is ineffective

A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone...

Job Fails to Start Due to Timeout Caused by Desktop Heap Allocation Failure

Article Applicability The timeout error displayed in Veeam Backup & Replication can be caused by various factors. This article explicitly addresses a scenario where the Windows OS experiences a 'heap allocation' failure. Please note that the solution provided in this article is only applicable if...

FreeBSD Security Advisory (FreeBSD-SA-09:06.ktimer.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:06.ktimer.asc ADV FreeBSD-SA-09:06.ktimer.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:06.ktimer.asc Authors: Thomas Reinke Copyright: Copyright c 2009...