Lucene search
K

88 matches found

Zero Day Initiative
Zero Day Initiative
added 2016/05/19 12:0 a.m.27 views

(Pwn2Own) Apple OS X IntelAccelerator Out-Of-Bounds Indexing Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.9CVSS3.1AI score0.01656EPSS
Exploits0References1
CVE
CVE
added 2015/12/11 11:0 a.m.67 views

CVE-2015-7052

CVE-2015-7052 affects Apple OS X before 10.11.2 where kext tools mishandle kernel-extension loading, enabling local users to gain privileges via unspecified vectors. The vulnerability stems from the kernel-extension loading path, with an update shipped in OS X 10.11.2 to mitigate. Practical impac...

7.2CVSS7.7AI score0.00354EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/12/11 12:0 a.m.51 views

Mac OS X Multiple Vulnerabilities (Security Updates 2015-005 / 2015-008)

The remote host is running a version of Mac OS X 10.9.5 or 10.10.5 that is missing Security Update 2015-005 or 2015-008. It is, therefore, affected by multiple vulnerabilities in the following components : - apachemodphp - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression -...

10CVSS7AI score0.19984EPSS
Exploits18References56
Tenable Nessus
Tenable Nessus
added 2015/12/10 12:0 a.m.64 views

Mac OS X 10.11.x < 10.11.2 Multiple Vulnerabilities

The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apachemodphp - AppSandbox - Bluetooth - CFNetwork HTTPProtocol - Compression - Configuration Profiles - CoreGraphics - CoreMedi...

10CVSS7AI score0.19984EPSS
Exploits18References58
Tenable Nessus
Tenable Nessus
added 2015/10/12 12:0 a.m.38 views

Mac OS X < 10.10.4 Multiple Vulnerabilities

Binary data 8801.prm...

10CVSS7.3AI score0.9986EPSS
Exploits48References78
seebug.org
seebug.org
added 2015/09/06 12:0 a.m.14 views

OS X 10.10 - DYLD_PRINT_TO_FILE Local Privilege Escalation

DYLDPRINTTOFILE local privilege escalation vulnerability in OS X 10.10 - 10.10.4 !/bin/sh Simple Proof of Concept Exploit for the DYLDPRINTTOFILE local privilege escalation vulnerability in OS X 10.10 - 10.10.4 C Copyright 2015 Stefan Esser Wait months for a fix from Apple or install the followin...

7.3AI score
Exploits0
0day.today
0day.today
added 2015/07/23 12:0 a.m.19 views

Apple OSX 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation Exploit

Exploit for macOS platform in category local exploits !/bin/sh Simple Proof of Concept Exploit for the DYLDPRINTTOFILE local privilege escalation vulnerability in OS X 10.10 - 10.10.4 C Copyright 2015 Stefan Esser Wait months for a fix from Apple or install the following KEXT as protection...

6.8AI score
Exploits0
Prion
Prion
added 2015/07/03 2:0 a.m.18 views

Race condition

Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation...

6.9CVSS6.2AI score0.00257EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/07/03 1:0 a.m.67 views

CVE-2015-3709

CVE-2015-3709 refers to a TOCTOU race condition in Apple’s kext tools on macOS OS X Yosemite prior to 10.10.4. The flaw occurs during kernel-extension path validation, allowing a local user to bypass signature checks and load unsigned kernel extensions. Public details in connected docs indicate t...

6.9CVSS3.6AI score0.00257EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/07/03 1:0 a.m.24 views

CVE-2015-3708

kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack...

3.9AI score0.01615EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/01 12:0 a.m.90 views

Mac OS X 10.10.x < 10.10.4 Multiple Vulnerabilities (GHOST) (Logjam)

The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.4. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - afpserver - apache - AppleFSCompression - AppleGraphicsControl - AppleThunderboltEDMService - ATS - Bluetooth -...

10CVSS8.3AI score0.9986EPSS
Exploits46References73
Tenable Nessus
Tenable Nessus
added 2015/07/01 12:0 a.m.65 views

Mac OS X Multiple Vulnerabilities (Security Update 2015-005) (GHOST) (Logjam)

The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-005. It is, therefore, affected multiple vulnerabilities in the following components : - Admin Framework - afpserver - apache - AppleFSCompression - AppleGraphicsControl -...

10CVSS8.2AI score0.9986EPSS
Exploits46References73
exploitpack
exploitpack
added 2015/01/20 12:0 a.m.16 views

Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference

Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference // clang -o ig23exploit ig23exploit.c -framework IOKit -framework CoreFoundation -m32 -DFORTIFYSOURCE=0 // ianbeer include include include include include include include include uint64t kernelsymbolchar sym char cmd1024;...

0.8AI score
Exploits0
0day.today
0day.today
added 2015/01/20 12:0 a.m.23 views

OS X 10.9.5 IOKit IntelAccelerator NULL Pointer Dereference

Exploit for iOS platform in category local exploits // clang -o ig23exploit ig23exploit.c -framework IOKit -framework CoreFoundation -m32 -DFORTIFYSOURCE=0 // ianbeer include include include include include include include include uint64t kernelsymbolchar sym char cmd1024; strcpycmd, "nm -g...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2015/01/20 12:0 a.m.20 views

Apple Mac OSX 10.9.5 - IOKit IntelAccelerator Null Pointer Dereference

// clang -o ig23exploit ig23exploit.c -framework IOKit -framework CoreFoundation -m32 -DFORTIFYSOURCE=0 // ianbeer include include include include include include include include uint64t kernelsymbolchar sym char cmd1024; strcpycmd, "nm -g /machkernel | grep "; strcatcmd, sym; strcatcmd, " | cut...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

VMWare Fusion <= 2.0.5 vmx86 kext local PoC

No description provided by source. / vmware-pop.c Copyright c 2009 by [email protected] VMware Fusion = 2.0.5 vmx86 kext local denial of service POC by mu-b - Mon 22 June 2009 - Tested on: VMware Fusion 2.0.4 10.5.x VMware Fusion 2.0.5 10.5.x http://seclists.org/fulldisclosure/2009/Oct/29...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

VMWare Fusion <= 2.0.5 vmx86 kext local kernel root exploit

No description provided by source. / vmware-fission.c Copyright c 2009 by [email protected] VMware Fusion = 2.0.5 vmx86 kext local kernel root exploit by mu-b - Tue 23 June 2009 - Tested on: VMware Fusion 2.0.4 10.5.x VMware Fusion 2.0.5 10.5.x http://seclists.org/fulldisclosure/2009/Oct/29...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/10/23 12:0 a.m.60 views

Mac OS X 10.x < 10.9 Multiple Vulnerabilities (BEAST)

The remote host is running a version of Mac OS X 10.x that is prior to version 10.9. The newer version contains multiple security-related fixes for the following components : - Application Firewall - App Sandbox - Bluetooth - CFNetwork - CFNetwork SSL - Console - CoreGraphics - curl - dyld -...

9.3CVSS6.4AI score0.73327EPSS
Exploits23References52
Prion
Prion
added 2013/09/19 10:28 a.m.19 views

Authorization

kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to 1 load or 2 unload kernel extensions via a crafted message...

6.3CVSS5.7AI score0.00342EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2013/09/19 10:28 a.m.19 views

CVE-2013-5145

kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to 1 load or 2 unload kernel extensions via a crafted message...

6.3CVSS5.4AI score0.00342EPSS
Exploits0References5
Rows per page
Query Builder