Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-01-14
.NET Remote Code Execution Vulnerability
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
.NET and Visual Studio Remote Code Execution Vulnerability
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-14
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.006
Published
2025-01-14
A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.
This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-01-08
A malicious or compromised MacPorts mirror can execute arbitrary commands as root on the machine of a client running port selfupdate against the mirror.
CVSS Score
6.8
EPSS Score
0.004
Published
2025-01-07
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to read arbitrary files.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-20
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-12-20
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window.
CVSS Score
4.6
EPSS Score
0.0
Published
2024-12-20
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. A person with physical access to a Mac may be able to bypass Login Window during a software update.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-12-20