18 matches found
WordPress plugin Alliance 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2025-62686
A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a RESTRICT segment, a local user may exploit the DYLDINSERTLIBRARIES environment...
CVE-2025-55076
A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...
CVE-2025-62686
A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a RESTRICT segment, a local user may exploit the DYLDINSERTLIBRARIES environment...
CVE-2025-55076
A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...
CVE-2025-62686
A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a RESTRICT segment, a local user may exploit the DYLDINSERTLIBRARIES environment...
PT-2025-48949
A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a RESTRICT segment, a local user may exploit the DYLD INSERT LIBRARIES environment...
CVE-2025-62686
A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a RESTRICT segment, a local user may exploit the DYLDINSERTLIBRARIES environment...
Plugin Alliance Aquarius Desktop 安全漏洞
Plugin Alliance Aquarius Desktop is an audio plugin management software from Plugin Alliance, Inc. A security vulnerability exists in Plugin Alliance Aquarius Desktop version 3.0.069, which stems from the Supported Data Archiving feature not properly handling symbolic links, which could lead to...
CVE-2025-62686
This CVE affects Plugin Alliance Installation Manager v1.4.0 on macOS, specifically the InstallationHelper service. The root cause is missing hardened runtime and a __RESTRICT segment, allowing local users to abuse the DYLD_INSERT_LIBRARIES environment variable to inject a dynamic library, potent...
Plugin Alliance Aquarius HelperTool 安全漏洞
Plugin Alliance Aquarius HelperTool is an audio plugin helper tool from Plugin Alliance, Inc. A security vulnerability exists in Plugin Alliance Aquarius HelperTool version 1.0.003, which stems from the XPC service not validating the client's identity and flawed authorization logic, which could...
Plugin Alliance Installation Manager 安全漏洞
Plugin Alliance Installation Manager is a plugin manager from US-based Plugin Alliance. A security vulnerability exists in Plugin Alliance Installation Manager version v1.4.0 that originates when the InstallationHelper service accepts an unauthenticated XPC connection, which could lead to the...
Plugin Alliance Installation Manager 安全漏洞
Plugin Alliance Installation Manager is a plugin manager from Plugin Alliance USA. A security vulnerability exists in Plugin Alliance Installation Manager version v1.4.0, which stems from a missing hardened runtime and RESTRICT segments in the Plugin Alliance InstallationHelper service on macOS,...
CVE-2025-55076
A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...
CVE-2025-55076
The CVE-2025-55076 entry describes a local privilege escalation in Plugin Alliance Installation Manager v1.4.0 for macOS, via the InstallationHelper service that accepts unauthenticated XPC connections and passes input to system(). This could allow a local user to execute arbitrary commands with ...
CVE-2025-55076
A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...
CVE-2025-62686
A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a RESTRICT segment, a local user may exploit the DYLDINSERTLIBRARIES environment...
Plugin Alliance Aquarius Desktop 安全漏洞
Plugin Alliance Aquarius Desktop is an audio plugin management software from Plugin Alliance, Inc. A security vulnerability exists in Plugin Alliance Aquarius Desktop version 3.0.069 that stems from the use of a weak obfuscation scheme to store user authentication credentials, which could lead to...