.NET and Visual Studio Remote Code Execution Vulnerability
CVSS Score
7.5
EPSS Score
0.005
Published
2025-01-14
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.012
Published
2025-01-14
A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.
This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
CVSS Score
4.8
EPSS Score
0.002
Published
2025-01-08
A malicious or compromised MacPorts mirror can execute arbitrary commands as root on the machine of a client running port selfupdate against the mirror.
CVSS Score
6.8
EPSS Score
0.005
Published
2025-01-07
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to read arbitrary files.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-12-20
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-12-20
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-12-20
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. A person with physical access to a Mac may be able to bypass Login Window during a software update.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-12-20
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-12-20
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. A user may be able to view sensitive user information.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-12-20