32 matches found
EUVD-2022-37385
Malicious code in bioql PyPI...
EUVD-2025-31099
Malicious code in bioql PyPI...
EUVD-2022-37384
Malicious code in bioql PyPI...
CVE-2025-43247
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app with root privileges may be able to modify the contents of system files...
CVE-2022-26688
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files...
CVE-2024-3980
The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application...
CVE-2025-24104
This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2024-44258
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2024-44260
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious app with root privileges may be able to modify the contents of system files...
CVE-2024-44258
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2024-44258
CVE-2024-44258 affects Apple’s ManagedConfiguration framework and the profiled daemon. The issue arises during backup restoration when the destination path’s symlink status is not validated, potentially allowing written files to migrate into restricted, protected areas and modify system files. A ...
CVE-2024-40825
CVE-2024-40825 affects Apple Vision Pro’s visionOS (APFS) and macOS Sequoia; root cause described as inadequate checks that could let a malicious, root-privileged app modify system files. Official sources confirm fixes in visionOS 2 and macOS Sequoia 15. Practical impact is local privilege abuse ...
About the security content of macOS Sequoia 15
About the security content of macOS Sequoia 15 This document describes the security content of macOS Sequoia 15. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
Code injection
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device...
CVE-2022-34430
Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification...
Design/Logic Flaw
Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification...
CVE-2022-34430
Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification...
CVE-2022-34429
Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification...
Code injection
Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification...
CVE-2022-34429
Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification...