Lucene search
K

9 matches found

NVD
NVD
added 2025/12/18 4:15 p.m.10 views

CVE-2025-64723

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the...

4.8CVSS0.00106EPSS
Exploits0References5
CVE
CVE
added 2025/12/18 3:15 p.m.9 views

CVE-2025-64723

Summary: Arduino IDE for macOS prior to 2.3.7 had overly permissive security entitlements that could bypass the macOS Hardened Runtime protections, enabling an attacker to inject malicious dynamic libraries into the process and access all TCC permissions granted to the app. Impact (as stated): by...

4.8CVSS6.3AI score0.00106EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.6 views

PT-2025-52244

Name of the Vulnerable Software and Affected Versions Arduino IDE versions prior to 2.3.7 Description Arduino IDE for macOS, before version 2.3.7, had overly permissive security entitlements. This configuration bypassed macOS Hardened Runtime protections, allowing attackers to inject malicious...

4.8CVSS6.6AI score0.00106EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/10/02 12:0 a.m.2 views

CVE-2025-57443

FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLDINSERTLIBRARIES environment variable. This allows escalated privileges t...

6.5AI score0.00126EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/02 12:0 a.m.7 views

CVE-2025-57443

FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLDINSERTLIBRARIES environment variable. This allows escalated privileges t...

0.00126EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.5 views

PT-2025-40365

Name of the Vulnerable Software and Affected Versions FrostWire version 6.14.0-build-326 Description The software has permissive entitlements, specifically allow-dyld-environment-variables and disable-library-validation. These entitlements permit unprivileged local attackers to inject code into t...

5.1CVSS6.7AI score0.00126EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/26 9:52 p.m.8 views

CVE-2024-55950 Tabby has a TCC Bypass via Unnecessary Permissive Entitlements in Tabby

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application currently holds...

8.6CVSS7.5AI score0.00297EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/26 9:52 p.m.29 views

CVE-2024-55950 Tabby has a TCC Bypass via Unnecessary Permissive Entitlements in Tabby

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application currently holds...

8.6CVSS0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/26 12:0 a.m.4 views

PT-2024-36614 · Tabby · Tabby

Name of the Vulnerable Software and Affected Versions: Tabby versions prior to 1.0.216 Description: The Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application...

8.6CVSS8.1AI score0.00297EPSS
Exploits0References12
Rows per page
Query Builder