Lucene search
K

72 matches found

Github Security Blog
Github Security Blog
added 2026/05/29 7:47 p.m.33 views

Sparkle's AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection

Summary AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details Autoupdate/AppInstaller.m's shouldAcceptNewConnection: only enforces SUCodeSigningVerifier validateConnection: before stage 1 completes. After...

5.8AI score0.00014EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.17 views

PT-2026-45020

Summary AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details Autoupdate/AppInstaller.m's shouldAcceptNewConnection: only enforces SUCodeSigningVerifier validateConnection: before stage 1 completes. After...

4.2CVSS5.8AI score0.00014EPSS
Exploits0References3
Metasploit
Metasploit
added 2026/04/30 6:57 p.m.349 views

Microsoft Windows HTTP to LDAP Relay

This module supports running an HTTP server which validates credentials, and then attempts to execute a relay attack against an LDAP server on the configured RHOSTS hosts. It is not possible to relay NTLMv2 to LDAP due to the Message Integrity Check MIC. As a result, this will only work with...

6AI score
Exploits0
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.11 views

Veeam Backup And Replication 安全漏洞

Veeam Backup and Replication is a backup and replication software developed by the American company Veeam. There is a security vulnerability in Veeam Backup and Replication, which stems from an attack by an attacker with local administrator privileges who can bypass Windows driver signing...

6.7CVSS5.8AI score0.00171EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/26 5:17 p.m.151 views

Troll-Exploit

TrollStore TrollStore is a permasigned jailed app that can pe...

6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 7 : samba-4.6.2-11.el7 (AXSA:2017-2305:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2305:06 advisory. It was found that samba did not enforce SMB signing when certain configuration options were enabled. A remote attacker could launch a...

7.4CVSS6.4AI score0.13334EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : samba4-4.2.10-7.AXS4 (AXSA:2016-577:04)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-577:04 advisory. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Security issues fixed with this release: CVE-2016-2119...

7.5CVSS7.6AI score0.03097EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.7 views

CVE-2021-33592

NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in filename parameter can be the cause of bypassing code signing check function...

9.8CVSS7.9AI score0.02118EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/12/24 12:0 a.m.277 views

📄 macOS 10.12.2 XNU Kernel Privilege Escalation

This proof of concept targets a race‑condition vulnerability in the XNU kernel affecting macOS/iOS. By forcing a use‑after‑free condition on kernel ports, the exploit manipulates freed memory through a controlled spray, allowing a user‑controlled replacement object. Successful exploitation yields...

9.3CVSS8.5AI score0.0676EPSS
Exploits5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-2476

Malware in sbrugna...

7.8CVSS7.8AI score0.00839EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-3842

Malware in sbrugna...

7.2CVSS7.4AI score0.00353EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-3222

Malware in sbrugna...

7.5CVSS7.6AI score0.03097EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-3838

Malware in sbrugna...

7.2CVSS7.4AI score0.00373EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4963

Malware in sbrugna...

7.8CVSS7.7AI score0.00191EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-0988

Malware in sbrugna...

4.6CVSS6.1AI score0.00351EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-2846

Malware in sbrugna...

7.8CVSS8.4AI score0.01019EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15961

Malware in sbrugna...

7.8CVSS8.8AI score0.01113EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2014-4382

Malware in sbrugna...

2.1CVSS6.1AI score0.0039EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2016-2351

Malware in sbrugna...

5.9CVSS5AI score0.07308EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-0509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle's EdDSA...

7.3CVSS8.1AI score0.00886EPSS
Exploits0References2
Rows per page
Query Builder