EUVD-2018-16003

Malware in sbrugna...

CVE-2023-41588

A cross-site scripting XSS vulnerability in Time to SLA plugin v10.13.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the durationFormat parameter...

PT-2023-27985 · Unknown · Time To Sla Plugin

Name of the Vulnerable Software and Affected Versions: Time to SLA plugin version 10.13.5 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the durationFormat parameter. This enables the execution of malicio...

Apple macOS 10.13.5 - Local Privilege Escalation Exploit

Exploit for macOS platform in category local exploits import import import import import import import "offsets.h" //utils define ENFORCEa, label \ do \ if builtinexpect!a, 0 \ \ timedlog"! %s is false l.%d\n", a, LINE; \ goto label; \ \ while 0 // from...

CVE-2018-4257

In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation...

CVE-2018-4182

In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS...

Out-of-bounds

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation...

Out-of-bounds

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation...

Memory corruption

In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling...

CVE-2018-4255

In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation...

CVE-2018-4255

CVE-2018-4255 is documented in Apple HT208849 as a kernel‑level input validation issue in macOS High Sierra (10.13.4). The vulnerability could allow a local attacker to execute arbitrary code with kernel privileges. It was mitigated by enhanced kernel input validation, with remediation delivered ...

CVE-2018-4183

CVE-2018-4183 affects macOS High Sierra via the CUPS component. The issue is described as a sandbox bypass in CUPS that could occur due to profile misconfiguration, allowing a local process to interact with or modify CUPS behavior outside its sandbox. Public sources (NVD entry for CVE-2018-4183 a...

CVE-2018-4182

CVE-2018-4182 – CUPS sandbox bypass in macOS High Sierra . The connected sources confirm a local vulnerability in CUPS on macOS High Sierra prior to 10.13.5, described as an access issue that was mitigated by adding sandbox restrictions to CUPS. The impact is limited to a local attacker who could...

CVE-2018-4217

In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records was addressed with improved indexing...

Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking

/ This PoC file might look familiar; this bug is a trivial variant of CVE-2016-1744 Apple bug id 635599405. That report showed the bug in the unmapusermemory external methods; a variant also exists in the mapusermemory external methods. The intel graphics drivers have their own hash table type...

CVE-2018-4180

In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions...

CVE-2018-4235

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows local users to perform impersonation attacks via an unspecified...

CVE-2018-4240

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted...

CVE-2018-4224

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security...

Code injection

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security...