giovannipajeu1

10 exploits Active since Jan 2024
CVE-2023-50643 NOMISEC CRITICAL WRITEUP
Evernote for macOS 10.68.2 - Remote Code Execution via RunAsNode and enableNodeClilnspectArguments
An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components.
8 stars
CVSS 9.8
CVE-2024-23739 NOMISEC CRITICAL WRITEUP
Discord < 0.0.291 - Remote Code Execution via RunAsNode and enableNodeClilnspectArguments
An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
3 stars
CVSS 9.8
CVE-2024-23742 NOMISEC CRITICAL SUSPICIOUS
Loom < 0.196.1 - Remote Code Execution via RunAsNode and enableNodeClilnspectArguments
An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine.
1 stars
CVSS 9.8
CVE-2024-23738 NOMISEC CRITICAL WRITEUP
Postman < 10.22 - Remote Code Execution via RunAsNode Configuration
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor states "we dispute the report's accuracy ... the configuration does not enable remote code execution.."
1 stars
CVSS 9.8
CVE-2024-23743 NOMISEC LOW WRITEUP
notion/notion < 3.1.0 - Unauthenticated Remote Code Execution via RunAsNode and enableNodeClilnspectArguments
Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment."
1 stars
CVSS 3.3
CVE-2024-23740 NOMISEC CRITICAL SUSPICIOUS
Kap for macOS <=3.6.0 - Remote Code Execution via RunAsNode Settings
An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
CVSS 9.8
CVE-2024-23741 NOMISEC CRITICAL WRITEUP
Hyper < 3.4.1 - Remote Code Execution via RunAsNode and enableNodeClilnspectArguments
An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.
CVSS 9.8
CVE-2024-23743 INTHEWILD LOW WRITEUP
notion/notion < 3.1.0 - Unauthenticated Remote Code Execution via RunAsNode and enableNodeClilnspectArguments
Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment."
CVSS 3.3
CVE-2023-50643 INTHEWILD CRITICAL WRITEUP
Evernote for macOS 10.68.2 - Remote Code Execution via RunAsNode and enableNodeClilnspectArguments
An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components.
CVSS 9.8
CVE-2024-23738 INTHEWILD CRITICAL WRITEUP
Postman < 10.22 - Remote Code Execution via RunAsNode Configuration
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor states "we dispute the report's accuracy ... the configuration does not enable remote code execution.."
CVSS 9.8