17 matches found
SUSE CVE-2018-4089
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. tvOS before 11.2.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial o...
REDCap Cross Site Scripting Vulnerability
REDCap versions prior to 11.4.0 suffer from a persistent cross site scripting vulnerability that can be leveraged to escalate privileges. Exploit Title: REDCap var target = document.location.host; var csrftoken = csrftoken; var userId = ''; // Replace with your user ID. function privesc var xhr =...
About the security content of tvOS 11.2.5 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
CVE-2018-4095
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service...
Memory corruption
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is...
Memory corruption
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is...
CVE-2018-4090
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a...
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - bluetoothd Memory Corruption Exploit
Exploit for iOS platform in category dos / poc // // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt service; / When hijacking...
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption
// // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt service; / When hijacking session between bluetoothd and client, add callba...
Apple iOS 11.2.5 watchOS 4.2.2 tvOS 11.2.5 - bluetoothd Memory Corruption
Apple iOS 11.2.5 watchOS 4.2.2 tvOS 11.2.5 - bluetoothd Memory Corruption // // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt...
CVE-2018-4096
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is...
About the security content of tvOS 11.2.5
About the security content of tvOS 11.2.5 This document describes the security content of tvOS 11.2.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
About the security content of iOS 11.2.5
About the security content of iOS 11.2.5 This document describes the security content of iOS 11.2.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
CVE-2017-18023
Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI...
Code injection
Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI...
CVE-2017-18023
Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI...
Office Tracker 11.2.5 Cross Site Scripting
Title: Office Tracker 11.2.5 - XSS; Author: Nassim Asrir; Contact: [email protected]; Vendor: https://www.officetracker.com/ ; CVE: CVE-2017-18023; Description: Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI. Detail...