Lucene search
K

379 matches found

CNNVD
CNNVD
added 2026/02/02 12:0 a.m.8 views

Native Instruments Native Access 安全漏洞

Native Instruments Native Access is a one-stop device management center provided by the German company Native Instruments. There is a security vulnerability in Native Instruments Native Access. This vulnerability stems from the Privilege Assistant XPC service using client PID for verifying code...

7.8CVSS5.9AI score0.00146EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.8 views

PT-2026-5657

Name of the Vulnerable Software and Affected Versions Native Instruments Native Access affected versions not specified Description The Native Access application installs a privileged helper, com.native-instruments.NativeAccess.Helper2, used for triggering functions via XPC communication, such as...

8.8CVSS5.6AI score0.00213EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2026/01/27 2:27 a.m.188 views

Exploit for CVE-2024-11467

CVE-2024-11467 The macOS operating system uses XPC services f...

7.8CVSS6AI score0.00184EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/09 12:13 p.m.6 views

CVE-2018-9105

NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main application. Unfortunately...

9CVSS7.6AI score0.02744EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:6 p.m.10 views

CVE-2018-6823

In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root...

10CVSS7.2AI score0.01511EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:36 a.m.7 views

CVE-2021-41388

Netskope client prior to 89.x on macOS is impacted by a local privilege escalation vulnerability. The XPC implementation of nsAuxiliarySvc process does not perform validation on new connections before accepting the connection. Thus any low privileged user can connect and call external methods...

7.8CVSS6.8AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/08 3:14 a.m.6 views

CVE-2025-14979

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...

8.5CVSS7.1AI score0.00148EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.5 views

CVE-2025-1078

A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1.29 on macOS and classified as critical. This vulnerability affects the function shouldAcceptNewConnection of the file com.apphousekitchen.aldente-pro.helper of the component XPC Service. The manipulation leads to...

5.3CVSS6.4AI score0.00156EPSS
Exploits0References1
NVD
NVD
added 2026/01/06 4:15 p.m.10 views

CVE-2025-14979

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...

8.5CVSS0.00148EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/06 3:15 p.m.27 views

CVE-2025-14979 Eddie VPN 2.24.6 - Local Privilege Escalation

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...

8.5CVSS0.00148EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/06 3:15 p.m.2 views

CVE-2025-14979 Eddie VPN 2.24.6 - Local Privilege Escalation

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...

8.5CVSS6.8AI score0.00148EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.5 views

AirVPN Eddie 安全漏洞

AirVPN Eddie is a proxy client from AirVPN Open Source. A security vulnerability exists in AirVPN Eddie version 2.24.6, which stems from an insecure XPC service and could lead to local unprivileged user privileges being elevated to root...

8.5CVSS6.3AI score0.00148EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/12/24 12:48 a.m.13 views

CVE-2025-25364

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...

8.4CVSS8.2AI score0.00838EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 7:15 p.m.5 views

CVE-2025-25364

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...

8.4CVSS0.00838EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/23 12:0 a.m.4 views

CVE-2025-25364

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...

7.8AI score0.00838EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/23 12:0 a.m.24 views

CVE-2025-25364

A command injection vulnerability in the me.connectify.SMJobBlessHelper XPC service of Speedify VPN up to v15.0.0 allows attackers to execute arbitrary commands with root-level privileges...

0.00838EPSS
Exploits0References3
CVE
CVE
added 2025/12/23 12:0 a.m.343 views

CVE-2025-25364

CVE-2025-25364 affects Speedify VPN up to v15.0.0 and is caused by a command injection flaw in the me.connectify.SMJobBlessHelper XPC service. The vulnerability arises from improper input validation in the XPC interface, enabling local privilege escalation to root. PT-Security reports the issue i...

8.4CVSS7.8AI score0.00838EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/12/12 4:15 p.m.7 views

CVE-2025-13733

BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoNTFS: 1.3.2...

8.5CVSS0.00195EPSS
Exploits1References3
OSV
OSV
added 2025/12/03 5:15 p.m.5 views

CVE-2025-65842

The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...

5.1CVSS6AI score0.00146EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/03 12:0 a.m.22 views

CVE-2025-55076

A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system, which may allow a local user to execute arbitrary commands wi...

0.00183EPSS
Exploits1References1
Rows per page
Query Builder