EUVD-2025-200069

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

UBUNTU-CVE-2025-13837

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

CVE-2025-13837

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

EUVD-2017-16952

Malware in sbrugna...

EUVD-2017-15493

Malware in sbrugna...

EUVD-2017-15495

Malware in sbrugna...

Mac OS X Persistent Payload Installer

This module provides a persistent boot payload by creating a launch item, which can be a LaunchAgent or a LaunchDaemon. LaunchAgents run with user level permissions and are triggered upon login by a plist entry in /Library/LaunchAgents. LaunchDaemons run with elevated privilleges, and are launche...

CVE-2025-0196

A vulnerability classified as critical has been found in code-projects Point of Sales and Inventory Management System 1.0. This affects an unknown part of the file /user/plist.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The...

USN-6513-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. CVE-2022-48564 It was discovered...

Denial Of Service (DoS)

python3.9 is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way the plistlib module parses certain Apple Property List plist files in binary format. A remote attacker can exploit this vulnerability by sending a specially crafted plist file, which could...

EulerOS 2.0 SP3 : libplist (EulerOS-SA-2020-2125)

According to the versions of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation...

Debian DLA-2168-1 : libplist security update

libplist is a library for reading and writing the Apple binary and XML property lists format. It's part of the libimobiledevice stack, providing access to iDevices iPod, iPhone, iPad .... CVE-2017-5209 The base64decode function in base64.c allows attackers to obtain sensitive information from...

Keybase: Privilege Escalation via Keybase Helper

A privilege escalation vulnerability exists within the KeybaseHelper application available when installing the Keybase Desktop Application on MacOS. The issue is exposed via a LaunchDaemon plist which is installed within /Library/LaunchDaemons/keybase.Helper.plist. This file is responsible for...

CVE-2018-10812

The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/sharedprefs/com.bitpiepreferences.xml on Android or a plist file in the app data folder on iO...

CVE-2017-2675

Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file "at.obdev.littlesnitchd.plist" which gets installed to /Library/LaunchDaemons...

Denial Of Service (DoS)

libplist is vulnerable to denial of service DoS attacks. The vulnerability exists because the parsestringnode function in bplist.c does not properly handle malloc failure , allowing the attacker to cause a denial of service through a plist file locally...

CVE-2017-6435

The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...

CVE-2017-6438

Heap-based buffer overflow in the parseunicodenode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write and possibly code execution via a crafted plist file...

CVE-2017-6439

Heap-based buffer overflow in the parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write via a crafted plist file...

CVE-2017-6436

The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...