Little Snitch

little_snitch

Vendor: Obdev • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-13095 1Obdev 1Little Snitch Nov 21, 2024 Jun 30, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root.
CVE-2019-13014 1Obdev 1Little Snitch Nov 21, 2024 Aug 23, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Little Snitch versions 4.4.0 fixes a vulnerability in a privileged helper tool. However, the operating system may have made a copy of the privileged helper which is not removed or updated immediately. Computers may there...Show more Little Snitch versions 4.4.0 fixes a vulnerability in a privileged helper tool. However, the operating system may have made a copy of the privileged helper which is not removed or updated immediately. Computers may therefore still be vulnerable after upgrading to 4.4.0. Version 4.4.1 fixes this issue by removing the operating system's copy during the upgrade.Show less
CVE-2019-13013 1Obdev 1Little Snitch Nov 21, 2024 Aug 23, 2019 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows d...Show more Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows directory listings and copying files as root.Show less
CVE-2017-2675 2Obdev Objective Development 2Little Snitch Little Snitch May 13, 2026 Apr 6, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file "at.obdev.littlesnitchd.pli...Show more Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. The vulnerability is related to the installation of the configuration file "at.obdev.littlesnitchd.plist" which gets installed to /Library/LaunchDaemons.Show less
CVE-2016-8661 1Obdev 1Little Snitch May 6, 2026 Nov 15, 2016 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating sys...Show more Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating system. The buffer overflow is related to insufficient checking of parameters to the "OSMalloc" and "copyin" kernel API calls.Show less