EUVD-2012-4602

Malware in sbrugna...

CVE-2012-4677

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value...

Improper Validation of Specified Type of Input

Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to Improper...

CVE-2025-24803

MobSF contains a Stored XSS in the iOS Dynamic Analyzer due to unsanitized CFBundleIdentifier input from Corellium in dynamic_analysis.html. An attacker can modify Info.plist to include special characters and trigger HTML context breaks when a malicious app is uploaded, enabling actions as users ...

IOSSecuritySuite - iOS Platform Security And Anti-Tampering Swift Library

 iOS Security Suite is an advanced and easy-to-use platform security & anti-tampering library written in pure Swift! If you are developing for iOS and you want to protect your app according to the OWASP MASVS standard, chapter v8, then this library could save you a lot of time.  What ISS detect...

Introduction to Reverse Engineering Cocoa Applications

While not as common as Windows malware, there has been a steady stream of malware discovered over the years that runs on the OS X operating system, now rebranded as macOS. February saw three particularly interesting publications on the topic of macOS malware: a Trojan Cocoa application that sends...

VMware Tools Detection (Mac OS X SSH Login)

Detects the installed version of VMware Tools on Mac OS X. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Flexera InstallAnywhere Detection (Mac OS X SSH Login)

Detects the installed version of Flexera InstallAnywhere on Mac OS X. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Google Picasa Installed (Mac OS X)

Google Picasa is installed on the remote Mac OS X host. TRUSTED...

CVE-2012-4677

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value...

Design/Logic Flaw

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value...

CVE-2012-4677

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value...

CVE-2012-4677

CVE-2012-4677 affects Tunnelblick 3.3beta20 and earlier. The issue arises when a crafted Info.plist controls the gOkIfNotSecure value, enabling local users to gain privileges via this condition. Affected component is the Info.plist handling in Tunnelblick, with a local-auth attack vector and part...

Google SketchUp Detection (Mac OS X SSH Login)

Detects the installed version of Google SketchUp. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

Adobe Illustrator Detection (Mac OS X SSH Login)

Detects the installed version of Adobe Illustrator. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Adobe Shockwave Player Detection (Mac OS X SSH Login)

Detects the installed version of Adobe Shockwave Player on Mac OS X. The script logs in via ssh, and searches for adobe products SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Apple Safari Detection (Mac OS X SSH Login)

Detects the installed version of Apple Safari on Mac OS X. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...