Vulnerabilities (CVE)

Filtered by vendor Binarynights Subscribe
Filtered by product Forklift
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-27192 1 Binarynights 1 Forklift 2024-11-21 7.2 HIGH 7.8 HIGH
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool.
CVE-2020-15349 1 Binarynights 1 Forklift 2024-11-21 7.2 HIGH 7.8 HIGH
BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions.