
42 matches found

GitHub Security Blog
added 2026/05/29 7:47 p.m. | 20 views

Sparkle's AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection

Summary: AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details: Autoupdate/AppInstaller.m's shouldAcceptNewConnection: only enforces SUCodeSigningVerifier validateConnection: before stage 1 completes. After...

AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies
added 2026/05/29 12:0 a.m. | 11 views

PT-2026-45020

Summary: AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details: Autoupdate/AppInstaller.m's shouldAcceptNewConnection: only enforces SUCodeSigningVerifier validateConnection: before stage 1 completes. After...

CVSS 4.2 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 3

RedhatCVE
added 2026/01/09 11:28 a.m. | 5 views

CVE-2021-33592

NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in filename parameter can be the cause of bypassing code signing check function...

CVSS 9.8 | AI score 7.9 | EPSS 0.02118
Exploits: 0 | References: 1

Packet Storm
added 2025/12/24 12:0 a.m. | 257 views

📄 macOS 10.12.2 XNU Kernel Privilege Escalation

This proof of concept targets a race‑condition vulnerability in the XNU kernel affecting macOS/iOS. By forcing a use‑after‑free condition on kernel ports, the exploit manipulates freed memory through a controlled spray, allowing a user‑controlled replacement object. Successful exploitation yields...

CVSS 9.3 | AI score 8.5 | EPSS 0.0676
Exploits: 5

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2016-2846

Malware in sbrugna...

CVSS 7.8 | AI score 8.4 | EPSS 0.01019
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2013-0988

Malware in sbrugna...

CVSS 4.6 | AI score 6.1 | EPSS 0.00351
Exploits: 1 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2014-4382

Malware in sbrugna...

CVSS 2.1 | AI score 6.1 | EPSS 0.0039
Exploits: 0 | References: 14

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2015-3838

Malware in sbrugna...

CVSS 7.2 | AI score 7.4 | EPSS 0.00373
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-4963

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00191
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-2476

Malware in sbrugna...

CVSS 7.8 | AI score 7.8 | EPSS 0.00839
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2015-3842

Malware in sbrugna...

CVSS 7.2 | AI score 7.4 | EPSS 0.00353
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-15961

Malware in sbrugna...

CVSS 7.8 | AI score 8.8 | EPSS 0.01113
Exploits: 0 | References: 4

NVD
added 2025/07/08 11:15 a.m. | 4 views

CVE-2025-23364

A vulnerability has been identified in TIA Administrator All versions V3.0.6. The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and execute arbitrary code during installations...

CVSS 8.4 | EPSS 0.00069
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:11 a.m. | 16 views

CVE-2013-0977

dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing requirements via a file that contains overlapping segments...

CVSS 4.6 | AI score 5.9 | EPSS 0.00351
Exploits: 1 | References: 1

Cvelist
added 2024/12/03 5:29 p.m. | 29 views

CVE-2024-52548 Lorex 2K Indoor Wi-Fi Security Camera - Code signing bypass

An attacker who can execute arbitrary Operating Systems commands, can bypass code signing enforcements in the kernel, and execute arbitrary native code. This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111...

CVSS 6.7 | EPSS 0.0016
Exploits: 1 | References: 2

CVE
added 2024/12/03 5:29 p.m. | 82 views

CVE-2024-52548

Lorex 2K Indoor Wi‑Fi Security Camera is affected by CVE-2024-52548 where an attacker can bypass kernel code signing enforcements and execute arbitrary native code. The issue is part of a five‑vulnerability exploit chain (CVE-2024-52544 to CVE-2024-52548) that enables unauthenticated RCE via a tw...

CVSS 6.7 | AI score 6.9 | EPSS 0.0016
Exploits: 1 | References: 2

CNNVD
added 2024/07/09 12:0 a.m. | 6 views

electron-builder security vulnerability

electron-builder is a tool for packaging and building ready-to-distribute Electron, Proton Native applications for macOS, Windows, and Linux with out-of-the-box "auto-update" support. A security vulnerability exists in electron-builder prior to version 6.3.0-alpha.6, which can be exploited to...

CVSS 7.5 | AI score 6.9 | EPSS 0.00336
Exploits: 1 | References: 5

CNVD
added 2020/03/26 12:0 a.m. | 2 views

Apple macOS Catalina TCC Component Logic Issue Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A logic problem exists in the Apple macOS Catalina TCC component, which can be exploited by attackers to create malicious applications that may be able to bypass code signing implementations...

CVSS 7.8 | AI score 6.8 | EPSS 0.00956
Exploits: 0 | References: 1

OSV
added 2018/06/29 3:29 p.m. | 1 views

CVE-2018-13013

Improper check of unusual conditions when launching msiexec.exe in safensec.com SysWatch service in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.9 allows the local attacker to bypass a code-signing protection...

CVSS 7.8 | AI score 5.8
Exploits: 0 | References: 1

Tenable Nessus
added 2018/06/22 12:0 a.m. | 57 views

Facebook OSQuery Code Signing Bypass (macOS)

The installed version of Facebook OSQuery is less than 3.2.7 and is therefore vulnerable to allowing execution of malicious binaries due to accepting forged Apple signatures. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid110643; scriptversion"1.5";...

CVSS 7.8 | AI score 7.9 | EPSS 0.00486
Exploits: 1 | References: 4