17 matches found
[R1] Nessus Versions 10.10.2 and 10.11.2 Fix Multiple Vulnerabilities
Arnie Cabral, Thu, 02/05/2026 - 02:13. Nessus leverages third-party software to help provide underlying functionality. One of the third-party components, expat, was found to contain vulnerabilities, and updated versions have been mad...
CVE-2025-58073
Mattermost versions 10.11.x <= 10.11.1, 10.10.x <= 10.10.2, 10.5.x <= 10.5.10 fail to verify a user has permission to join a Mattermost team using the original invite token which allows any attacker to join any team on a Mattermost server regardless of restrictions via manipulating the OAuth state...
Open Redirect
Overview: Affected versions of this package are vulnerable to Open Redirect due to a failure to validate the redirectto parameter. An attacker can exfiltrate user cookies by tricking a user into authenticating with their SAML provider using a crafted link that redirects them to an...
PHP SoapFault Type Confusion
Type Confusion Infoleak Vulnerability in unserialize with SoapFault. Taoguang Chen - Write Date: 2015.3.1 - Release Date: 2015.4.28. A type confusion vulnerability was discovered in unserialize with SoapFault object's __toString magic method that can be abused for leaking arbitrary memory blocks...
Apple Mac OSX - 'Rootpipe' Local Privilege Escalation (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Mac OS X "Rootpipe" Privilege Escalation', 'Description' = %q This module exploits a hidden backdoor API in Apple's Admin framework ...
Immunity Canvas: ROOTPIPE
Name| rootpipe
---|---
CVE| CVE-2015-1130
Exploit Pack| CANVAS
Description| OS X XPC Admin Framework rootpipe local privilege escalation
Notes| CVE Name: CVE-2015-1130 VENDOR: Apple Notes: This is a local privilege escalation affecting all Mac OS X versions from 10.7 up to 10.10.2. We provide bot...
Mac OS X rootpipe Local Privilege Escalation Exploit
Mac OS X rootpipe local proof of concept privilege escalation exploit. PoC exploit code for rootpipe CVE-2015-1130 Created by Emil Kvarnhammar, TrueSec Tested on OS X 10.7.5, 10.8.2, 10.9.5 and 10.10.2 import os import sys import platform import re import ctypes import objc import sys from Cocoa...
Apple Mac OSX 10.7.5/10.8.2/10.9.5/10.10.2 - Rootpipe Local Privilege Escalation
PoC exploit code for rootpipe CVE-2015-1130 Created by Emil Kvarnhammar, TrueSec Tested on OS X 10.7.5, 10.8.2, 10.9.5 and 10.10.2 import os import sys import platform import re import ctypes import objc import sys from...
PHP unserialize() Use-After-Free
Use After Free Vulnerability in unserialize. Taoguang Chen - Write Date: 2015.2.3 - Release Date: 2015.3.20. A use-after-free vulnerability was discovered in unserialize with a specially defined object's __wakeup magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary...
PHP DateTime Use After Free Vulnerability
Exploit for php platform in category dos / poc. Use After Free Vulnerability in unserialize with DateTime, CVE-2015-0273. Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20. A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod...
PHP DateTimeZone Type Confusion Infoleak
Type Confusion Infoleak Vulnerability in unserialize with DateTimeZone. Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20. A Type Confusion Vulnerability was discovered in unserialize with DateTimeZone object's __wakeup magic method that can be abused for leaking arbitrary memory blocks...
Null pointer dereference
IOHIDFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly initialize event queues, which allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app...
Command injection
coresymbolicationd in CoreSymbolication in Apple OS X before 10.10.2 does not verify that expected data types are present in XPC messages, which allows attackers to execute arbitrary code in a privileged context via a crafted app, as demonstrated by lack of verification of xpc_dictionary_get_value A...
Design/Logic Flaw
The App Store process in CommerceKit Framework in Apple OS X before 10.10.2 places Apple ID credentials in App Store logs, which allows local users to obtain sensitive information by reading a file...
CVE-2014-8826
CVE-2014-8826 affects macOS/OS X prior to 10.10.2. The issue is that Gatekeeper quarantine checks are not applied to JAR files executed by Java, enabling bypass of Gatekeeper protections via a crafted JAR archive. The connected documents corroborate this as a Gatekeeper bypass scenario tied to qu...
Apple Releases iOS 8.1.3
Apple has rolled out iOS 8.1.3 for iPhone, iPod touch and iPad devices, after weeks of extensive testing. The iOS 8.1.3 update contains bug fixes, stability enhancements and performance improvements. Among the new features, it reduces the amount of storage space required to perform a software...
Thunderstrike Patch Slated for Inclusion in New OS X Build
In addition to patching the three Project Zero vulnerabilities disclosed last week, Apple is apparently readying a fix for the Thunderstrike boot attack as well, something that will purportedly rid all Macs running Yosemite of the issue. All of the vulnerabilities have reportedly been fixed in...