Lucene search
K

38 matches found

EUVD
EUVD
added 2026/07/01 2:7 p.m.5 views

EUVD-2026-41001

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 2:7 p.m.38 views

CVE-2026-12374

CVE-2026-12374 affects the macOS PrivilegedHelperTool in Cato Client prior to v5.13.1. The issue combines improper XPC caller certificate validation with a TOCTOU race, allowing a local authenticated attacker to escalate to root by using a self-signed certificate that bypasses XPC caller verifica...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:7 p.m.5 views

CVE-2026-12374

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/10 12:16 p.m.15 views

CVE-2026-24066

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU value of the...

8.4CVSS0.00122EPSS
Exploits1References2
NVD
NVD
added 2026/06/10 12:16 p.m.15 views

CVE-2026-24067

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...

8.4CVSS0.00131EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/10 11:43 a.m.9 views

CVE-2026-24066 Slate Digital Connect macOS XPC certificate validation privilege escalation

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU value of the...

5.4AI score0.00122EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/10 11:43 a.m.43 views

CVE-2026-24066 Slate Digital Connect macOS XPC certificate validation privilege escalation

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU value of the...

0.00122EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.21 views

PT-2026-48400

Name of the Vulnerable Software and Affected Versions Slate Digital Connect version 1.37.0 Description The software installs a privileged helper tool, 'com.slatedigital.connect.privileged.helper.tool', which exposes the XPC service 'com.slatedigital.connect.privileged.helper.tool2'. The helper...

8.4CVSS5.2AI score0.00122EPSS
Exploits1References7
GithubExploit
GithubExploit
added 2026/01/27 2:27 a.m.189 views

Exploit for CVE-2024-11467

CVE-2024-11467 The macOS operating system uses XPC services f...

7.8CVSS6AI score0.00184EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4586

Malware in sbrugna...

5.5CVSS5.6AI score0.00303EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-20349

Malware in sbrugna...

10CVSS9.5AI score0.01592EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-15838

Malware in sbrugna...

6.2CVSS6AI score0.00357EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-19222

Malware in sbrugna...

10CVSS9.5AI score0.01831EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54672

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00125EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/13 12:11 a.m.9 views

CVE-2024-9062

The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the "factored applications" model, delegating privileged operations—such as arbitra...

7.8CVSS7.7AI score0.00125EPSS
Exploits0References1
NVD
NVD
added 2025/06/11 12:15 a.m.10 views

CVE-2024-9062

The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the "factored applications" model, delegating privileged operations—such as arbitra...

7.8CVSS0.00125EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/10 11:25 p.m.13 views

CVE-2024-9062 macOS Archify: Local Privilege Escalation

The Archify application contains a local privilege escalation vulnerability due to insufficient client validation in its privileged helper tool, com.oct4pie.archifyhelper, which is exposed via XPC. Archify follows the "factored applications" model, delegating privileged operations—such as arbitra...

7.8CVSS7.5AI score0.00125EPSS
Exploits0References2
CVE
CVE
added 2025/06/10 11:25 p.m.57 views

CVE-2024-9062

CVE-2024-9062 – macOS Archify local privilege escalation : The vulnerability affects the Archify privileged helper tool, com.oct4pie.archifyhelper, which runs as root and is exposed via XPC. The root cause is insufficient client validation by the helper, which does not verify code signatures, ent...

7.8CVSS7.7AI score0.00125EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:17 a.m.10 views

CVE-2018-8739

VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root...

10CVSS7.7AI score0.01592EPSS
Exploits0References1
NVD
NVD
added 2019/12/29 7:15 p.m.18 views

CVE-2019-20057

com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled computer, enabling MITM attacks...

4.3CVSS4.1AI score0.00431EPSS
Exploits0References1
Rows per page
Query Builder