Latest CVE Feed
-
4.8
MEDIUMCVE-2025-8700
Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memor... Read more
Affected Products :- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Misconfiguration
-
5.3
MEDIUMCVE-2025-1501
An access control vulnerability was discovered in the Request Trace and Download Trace functionalities of CMC before 25.1.0 due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limi... Read more
Affected Products : cmc- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Authorization
-
4.8
MEDIUMCVE-2025-53813
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions. Acquired resource access ... Read more
Affected Products :- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Misconfiguration
-
4.8
MEDIUMCVE-2025-53811
The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC (Transparency, Consent, and Control) permissions. Acquired resource a... Read more
Affected Products :- Published: Aug. 26, 2025
- Modified: Aug. 26, 2025
- Vuln Type: Misconfiguration