29 matches found
Apple iOS Phone Component Logic Vulnerability
Apple iOS is an operating system developed by Apple Inc. for mobile devices, of which the Phone is one of the telephony components. A security vulnerability exists in the Phone component of Apple iOS versions prior to 11.4.1. No details of the vulnerability are available at this time...
Apple macOS Sierra SQLite TextInput Memory Corruption Vulnerability
Apple macOS is an operating system that runs on Apple's Macintosh line of computers. A memory corruption vulnerability exists in Apple macOS Sierra TextInput, which can be exploited by a remote attacker to submit special data that can be tricked into parsing and executing arbitrary code...
The vulnerability of the iOS operating system and the Safari browser allows a perpetrator to obtain confidential information from the process’s memory.
The vulnerability of the WebKit component of the iOS operating system and the Safari browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information from the process’s memory through a...
The vulnerability of the iOS operating system and the Safari browser allows a hacker to replace the user interface of the FaceTime application.
The vulnerability of the Safari component of the iOS operating system and the Safari browser is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to replace the FaceTime application’s user interface using a specially crafted web page...
CVE-2016-7585
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...
Apple macOS 10.12.1 / iOS < 10.2 - syslogd Arbitrary Port Replacement
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=977 syslogd running as root hosts the com.apple.system.logger mach service. It's part of the system.sb sandbox profile and so reachable from a lot of sandboxed contexts. Here's a snippet from its mach message handling loop...
Apple iOS and Apple macOS Information Disclosure Vulnerability
Apple iOS and macOS are both operating systems from Apple Inc. Apple iOS is developed for mobile devices; macOS is developed for Mac computers. An information disclosure vulnerability exists in Security in Apple iOS versions prior to 10.1 and Apple macOS versions prior to 10.12.1. An attacker cou...
Apple OS X Intel Graphics Driver Null Pointer Reference Vulnerability
Apple OS X is an operating system developed by Apple Inc. Apple OS X handles a null pointer reference vulnerability in Intel Graphics Driver, which allows attackers to exploit the vulnerability to execute arbitrary code with system privileges...
Apple Open Firmware 4.1.7/4.1.8 - Insecure Password
source: https://www.securityfocus.com/bid/3186/info A user who has set an Open Firmware password on their Apple system believes it to be safe when powered down. There is a tool that any user with access to the Finder can run in order to reveal the Open Firmware password without any decryption...