CVE-2024-4395

The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege escalation.

Publication date: Thu, 27 Jun 2024 22:15:00 +0000

Cyber News related to CVE-2024-4395

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
3 months ago Cisa.gov

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
3 months ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
2 weeks ago Tenable.com

The Top 24 Security Predictions for 2024 - Welcome to the second installment of this comprehensive annual look at global cybersecurity industry predictions from the top security industry vendors, technology magazines, expert thought leaders and many more. Last week, in part one of The Top 24 ...
6 months ago Securityboulevard.com

Securing Gold: Assessing Cyber Threats on Paris 2024 - The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from 28 August to 8 September 2024. Paris 2024 estimated the number of spectators for the next edition to be 9,7 ...
5 months ago Blog.sekoia.io

CVE-2024-4395 - The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege escalation. ...
2 days ago

The Top 24 Security Predictions for 2024 - For 2024, top topics range from upcoming elections to regional wars to space exploration to advances in AI. And with technology playing a more central role in every area of life, annual cybersecurity prediction reports, cyber industry forecasts and ...
6 months ago Securityboulevard.com

CVE-2014-4398 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4399 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4396 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4397 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4400 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4394 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4395 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4401 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2014-4416 - An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, ...
6 years ago

CVE-2009-4395 - Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
14 years ago

CVE-2010-4395 - Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted conditional component in AAC frame data. ...
13 years ago

CVE-2005-4395 - Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the criteria parameter. ...
13 years ago

CVE-2012-4395 - Cross-site scripting (XSS) vulnerability in index.php in ownCloud before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the redirect_url parameter. ...
11 years ago

CVE-2015-4395 - The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote authenticated users with certain permissions to ...
8 years ago

CVE-2016-4395 - HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. ...
7 years ago

CVE-2006-4395 - Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows context-dependent attackers to cause a denial of service ("memory corruption" and crash) via a crafted PICT image that is not properly ...
6 years ago

CVE-2008-4395 - Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs. ...
6 years ago

CVE-2007-4395 - Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. Successful exploitation requires that the attacker ...
5 years ago

Latest Cyber News

30 Best Cyber Security Search Engines - 15 minutes ago
How to protect data at rest and in transit - 36 minutes ago
Sony Enters Crypto Exchange Arena with Acquisition of Amber - 36 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
Police allege 'evil twin' in-flight Wi-Fi used to steal info The Register - 57 minutes ago
Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities - 1 hour ago
Indonesian government didn't backup ransomwared data The Register - 1 hour ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 1 hour ago
Portainer: Open-source Docker and Kubernetes management - 1 hour ago
Why every company needs a DDoS response plan - 1 hour ago
Microsoft tells more customers their emails have been stolen The Register - 3 hours ago
Preparing for Q-Day as NIST nears approval of PQC standards - 3 hours ago
Infosec products of the month: June 2024 - 4 hours ago
CVE-2024-38525 - 6 hours ago
CVE-2024-6419 - 6 hours ago
CVE-2024-6418 - 7 hours ago
CVE-2024-6417 - 7 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
30 Best Cyber Security Search Engines - 15 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
Sony Enters Crypto Exchange Arena with Acquisition of Amber - 36 minutes ago
How to protect data at rest and in transit - 36 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
Police allege 'evil twin' in-flight Wi-Fi used to steal info The Register - 57 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 56 minutes ago
CVE-2024-6419 - 6 hours ago
Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities - 1 hour ago
Why every company needs a DDoS response plan - 1 hour ago
Portainer: Open-source Docker and Kubernetes management - 1 hour ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 1 hour ago
Indonesian government didn't backup ransomwared data The Register - 1 hour ago
Microsoft tells more customers their emails have been stolen The Register - 3 hours ago
Preparing for Q-Day as NIST nears approval of PQC standards - 3 hours ago
Infosec products of the month: June 2024 - 4 hours ago
CVE-2024-6416 - 8 hours ago
CVE-2024-6418 - 7 hours ago
CVE-2024-6417 - 7 hours ago