EulerOS 2.0 SP13 : python3 (EulerOS-SA-2026-1256)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment...

BIT-PYTHON-2025-13837 Out-of-memory when loading Plist

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

EUVD-2025-200069

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

UBUNTU-CVE-2025-13837

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

CVE-2025-13837

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

EUVD-2017-15496

Malware in sbrugna...

EUVD-2017-16952

Malware in sbrugna...

EUVD-2017-15493

Malware in sbrugna...

EUVD-2017-15495

Malware in sbrugna...

EUVD-2017-15497

Malware in sbrugna...

EUVD-2017-15492

Malware in sbrugna...

Mac OS X Persistent Payload Installer

This module provides a persistent boot payload by creating a launch item, which can be a LaunchAgent or a LaunchDaemon. LaunchAgents run with user level permissions and are triggered upon login by a plist entry in /Library/LaunchAgents. LaunchDaemons run with elevated privilleges, and are launche...

CVE-2025-0196

A vulnerability classified as critical has been found in code-projects Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file /user/plist.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The...

USN-6513-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. CVE-2022-48564 It was discovered...

Denial Of Service (DoS)

python3.9 is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way the plistlib module parses certain Apple Property List plist files in binary format. A remote attacker can exploit this vulnerability by sending a specially crafted plist file, which could...

EulerOS 2.0 SP3 : libplist (EulerOS-SA-2020-2125)

According to the versions of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation...

Debian DLA-2168-1 : libplist security update

libplist is a library for reading and writing the Apple binary and XML property lists format. It's part of the libimobiledevice stack, providing access to iDevices iPod, iPhone, iPad .... CVE-2017-5209 The base64decode function in base64.c allows attackers to obtain sensitive information from...

Keybase: Privilege Escalation via Keybase Helper

A privilege escalation vulnerability exists within the KeybaseHelper application available when installing the Keybase Desktop Application on MacOS. The issue is exposed via a LaunchDaemon plist which is installed within /Library/LaunchDaemons/keybase.Helper.plist. This file is responsible for...

The vulnerability of Grand Central Dispatch in the Mac OS X operating system allows a hacker to circumvent the limitations of a isolated environment.

The vulnerability of Grand Central Dispatch in the Mac OS X operating system is related to errors in analyzing .plist files during authentication processes. Exploiting this vulnerability can allow attackers to circumvent restrictions in a isolated environment...

CVE-2018-10812

The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/sharedprefs/com.bitpiepreferences.xml on Android or a plist file in the app data folder on iO...