9 matches found
CVE-2025-64723
Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the...
CVE-2025-64723
Summary: Arduino IDE for macOS prior to 2.3.7 had overly permissive security entitlements that could bypass the macOS Hardened Runtime protections, enabling an attacker to inject malicious dynamic libraries into the process and access all TCC permissions granted to the app. Impact (as stated): by...
PT-2025-52244
Name of the Vulnerable Software and Affected Versions: Arduino IDE versions prior to 2.3.7 Description: Arduino IDE for macOS, before version 2.3.7, had overly permissive security entitlements. This configuration bypassed macOS Hardened Runtime protections, allowing attackers to inject malicious...
CVE-2025-57443
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLD_INSERT_LIBRARIES environment variable. This allows escalated privileges t...
CVE-2025-57443
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLD_INSERT_LIBRARIES environment variable. This allows escalated privileges t...
PT-2025-40365
Name of the Vulnerable Software and Affected Versions: FrostWire version 6.14.0-build-326 Description: The software has permissive entitlements, specifically allow-dyld-environment-variables and disable-library-validation. These entitlements permit unprivileged local attackers to inject code into t...
CVE-2024-55950 Tabby has a TCC Bypass via Unnecessary Permissive Entitlements in Tabby
Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application currently holds...
CVE-2024-55950 Tabby has a TCC Bypass via Unnecessary Permissive Entitlements in Tabby
Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application currently holds...
PT-2024-36614 · Tabby · Tabby
Name of the Vulnerable Software and Affected Versions: Tabby versions prior to 1.0.216 Description: The Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application...