379 matches found
Native Instruments Native Access 安全漏洞
Native Instruments Native Access is a one-stop device management center provided by the German company Native Instruments. There is a security vulnerability in Native Instruments Native Access. This vulnerability stems from the Privilege Assistant XPC service using client PID for verifying code...
PT-2026-5657
Name of the Vulnerable Software and Affected Versions Native Instruments Native Access affected versions not specified Description The Native Access application installs a privileged helper, com.native-instruments.NativeAccess.Helper2, used for triggering functions via XPC communication, such as...
Exploit for CVE-2024-11467
CVE-2024-11467 The macOS operating system uses XPC services f...
CVE-2018-9105
NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main application. Unfortunately...
CVE-2018-6823
In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root...
CVE-2021-41388
Netskope client prior to 89.x on macOS is impacted by a local privilege escalation vulnerability. The XPC implementation of nsAuxiliarySvc process does not perform validation on new connections before accepting the connection. Thus any low privileged user can connect and call external methods...
CVE-2025-14979
AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...
CVE-2025-1078
A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1.29 on macOS and classified as critical. This vulnerability affects the function shouldAcceptNewConnection of the file com.apphousekitchen.aldente-pro.helper of the component XPC Service. The manipulation leads to...
CVE-2025-14979
AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...
CVE-2025-14979 Eddie VPN 2.24.6 - Local Privilege Escalation
AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...
CVE-2025-14979 Eddie VPN 2.24.6 - Local Privilege Escalation
AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...
AirVPN Eddie 安全漏洞
AirVPN Eddie is a proxy client from AirVPN Open Source. A security vulnerability exists in AirVPN Eddie version 2.24.6, which stems from an insecure XPC service and could lead to local unprivileged user privileges being elevated to root...
CVE-2025-25364
A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...
CVE-2025-25364
A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...
CVE-2025-25364
A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...
CVE-2025-25364
A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...
CVE-2025-25364
CVE-2025-25364 affects Speedify VPN up to v15.0.0 and is caused by a command injection flaw in the me.connectify.SMJobBlessHelper XPC service. The vulnerability arises from improper input validation in the XPC interface, enabling local privilege escalation to root. PT-Security reports the issue i...
CVE-2025-13733
BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoNTFS: 1.3.2...
CVE-2025-65842
The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...
CVE-2025-55076
A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...