8 matches found
EUVD-2018-19755
Malware in sbrugna...
ZenMate VPN Browser Extension Deanonymization & Hijacking Vulnerability (3.5 Million Affected Users)
Summary ZenMate, a VPN provider with over 43 million users, offers multiple browser extensions to use their VPN with. As of the time of this writing the browser extensions have a combined total of 3.5 million users. The ZenMate VPN clients for both Chrome & Firefox trust the previously expired...
ZenMate VPN Browser Extension Deanonymization & Hijacking Vulnerability (3.5 Million Affected Users)
Summary ZenMate, a VPN provider with over 43 million users, offers multiple browser extensions to use their VPN with. As of the time of this writing the browser extensions have a combined total of 3.5 million users. The ZenMate VPN clients for both Chrome & Firefox trust the previously expired...
CVE-2018-8076
ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in an XPC object of t...
Type confusion
ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in an XPC object of t...
CVE-2018-8076
ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in an XPC object of t...
CVE-2018-8076
ZenMate 1.5.4 for macOS contains a type confusion vulnerability in the com.zenmate.chron-xpc LaunchDaemon. The LaunchDaemon exposes an XPC service that uses an insecure XPC API to access data from inbound messages, potentially allowing an attacker-controlled input to pass an object of the wrong t...
CVE-2018-8076
ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in an XPC object of t...