Exploit for Improper Initialization in Linux Linux_Kernel

markdown Chrono-Drip: Temporal Viscosity Exploitation Frame...

EUVD-2017-11130

Malware in sbrugna...

EUVD-2020-26427

Malware in sbrugna...

EUVD-2025-17060

Malicious code in bioql PyPI...

CVE-2025-4412

On macOS systems, by utilizing a Launch Agent and loading the viscosityopenvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC Transparency, Consent, and Control identity. The acquired resource access is limited without entitlements such as acces...

CVE-2025-4412 TCC Bypass via Dylib Loading in Viscosity.app

On macOS systems, by utilizing a Launch Agent and loading the viscosityopenvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC Transparency, Consent, and Control identity. The acquired resource access is limited without entitlements such as acces...

CVE-2025-4412

CVE-2025-4412 concerns macOS: an attacker can use a Launch Agent to load viscosity_openvpn from the Viscosity app bundle and induce a dynamic library load under Viscosity’s TCC identity. This grants limited resource access without entitlements (e.g., not granting camera/mic); access to other reso...

CVE-2025-4412 TCC Bypass via Dylib Loading in Viscosity.app

On macOS systems, by utilizing a Launch Agent and loading the viscosityopenvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC Transparency, Consent, and Control identity. The acquired resource access is limited without entitlements such as acces...

Sparklabs Viscosity 安全漏洞

Sparklabs Viscosity is an OpenVPN client from Sparklabs Australia. A security vulnerability exists in SparkLabs Viscosity versions prior to 1.11.5, which stems from the possibility of exploiting the Launch Agent to load dynamic libraries to gain limited access to resources...

PT-2025-22984 · Viscosity · Viscosity

Name of the Vulnerable Software and Affected Versions: Viscosity versions prior to 1.11.5 Description: The issue allows loading a dynamic library with Viscosity's TCC identity on macOS systems by utilizing a Launch Agent and loading the viscosity openvpn process from the application bundle. The...

CVE-2020-5180

Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. When a VPN connection is initiated using a TLS/SSL client...

Agency Problems and Adversarial Bilevel Optimization under Uncertainty and Cyber Threats

We study an agency problem between a holding company and its subsidiary, exposed to cyber threats that affect the overall value of the subsidiary. The holding company seeks to design an optimal incentive scheme to mitigate these losses. In response, the subsidiary selects an optimal cybersecurity...

CVE-2017-20123

A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...

CVE-2017-20123

A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...

CVE-2017-20123

A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...

Design/Logic Flaw

A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...

CVE-2017-20123 Viscosity DLL untrusted search path

A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...

CVE-2017-20123

The CVE-2017-20123 entry concerns Sparklabs Viscosity 1.6.7. The vulnerability affects the DLL Handler component and enables an untrusted search path condition. It is described as exploitable remotely, with public disclosure of the exploit. A fix is available in version 1.6.8. Severity varies by ...

Sparklabs Viscosity 代码问题漏洞

Sparklabs Viscosity is an OpenVPN client from Sparklabs Australia. A security vulnerability exists in Sparklabs Viscosity version 1.6.7 that stems from a path not being properly validated...

CVE-2020-5180

Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. When a VPN connection is initiated using a TLS/SSL client...