Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-1334

Malware in sbrugna...

7.5CVSS6.1AI score0.01346EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2014-1333

Malware in sbrugna...

7.5CVSS6.1AI score0.01593EPSS
Exploits1References2
GoogleProjectZero
GoogleProjectZero
added 2019/08/29 12:0 a.m.251 views

In-the-wild iOS Exploit Chain 3

Posted by Ian Beer, Project Zero TL;DR This chain targeted iOS 11-11.4.1, spanning almost 10 months. This is the first chain we observed which had a separate sandbox escape exploit. The sandbox escape vulnerability was a severe security regression in libxpc, where refactoring lead to a bounds che...

7.5CVSS7.7AI score0.11327EPSS
Exploits1
0day.today
0day.today
added 2019/02/01 12:0 a.m.60 views

macOS XNU - Copy-on-Write Behaviour Bypass via Partial-Page Truncation of File Exploit

/ XNU has various interfaces that permit creating copy-on-write copies of data between processes, including out-of-line message descriptors in mach messages. It is important that the copied memory is protected against later modifications by the source process; otherwise, the source process might ...

5.5CVSS6.6AI score0.0342EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
added 2018/11/05 12:0 a.m.25 views

(Pwn2Own) Apple macOS Dock Service DSSetDesktopForDisplayAndSpace Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mac...

4.4CVSS4.2AI score0.01497EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/11/05 12:0 a.m.32 views

(Pwn2Own) Apple macOS launchd Improper Access Check Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

4.4CVSS2.9AI score0.13919EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
added 2018/09/19 12:0 a.m.17 views

Apple macOS Dock Service DSSetPreferences Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

4.4CVSS4AI score0.01497EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/09/19 12:0 a.m.20 views

Apple macOS Dock Service DSCopyPreferences Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

4.4CVSS4.2AI score0.01497EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/09/19 12:0 a.m.28 views

Apple macOS Dock Service DSSetProcessRecents Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

4.4CVSS4.3AI score0.01497EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/06/26 12:0 a.m.22 views

Apple macOS Dock Service DSMinimizeWindowWithTitle Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

4.4CVSS4.6AI score0.01497EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/06/26 12:0 a.m.19 views

Apple macOS Dock Service DSSetProcessLabel Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

4.4CVSS4.2AI score0.01497EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/06/11 12:0 a.m.21 views

Apple macOS Dock Service DSSetItemTitle Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

4.4CVSS4.5AI score0.01497EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2016/12/22 12:0 a.m.68 views

Apple macOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=954 Proofs of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40954.zip Userspace MIG services often use machmsgserver or machmsgserveronce to implent an RPC server. These two functions a...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/01/28 12:0 a.m.64 views

Apple Mac OSX / iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers

Exploit for multiple platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=553 The mach voucher subsystem fails to correctly handle spoofed no-more-senders messages. ipckobjectserver will be called for mach messages sent to kernel-owned mach...

7.2CVSS8.3AI score0.00996EPSS
Exploits5
CNVD
CNVD
added 2015/12/13 12:0 a.m.2 views

Apple OS X mach message handling arbitrary code execution vulnerability

Apple OS X is an operating system developed by Apple Inc. Apple OS X suffers from a security vulnerability in the handling of mach messages, which allows an attacker to exploit the vulnerability to execute arbitrary code with kernel privileges...

7.2CVSS7.5AI score0.00996EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2014/09/22 12:0 a.m.44 views

Apple Mac OS X Multiple Vulnerabilities -07 (Sep 2014)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.05715EPSS
Exploits9References5
NVD
NVD
added 2014/02/27 1:55 a.m.22 views

CVE-2014-1262

Apple Type Services ATS in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption...

7.5CVSS6.8AI score0.01593EPSS
Exploits1References1
NVD
NVD
added 2014/02/27 1:55 a.m.17 views

CVE-2014-1256

Buffer overflow in Apple Type Services ATS in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages...

7.5CVSS6.9AI score0.01346EPSS
Exploits1References1
NVD
NVD
added 2014/02/27 1:55 a.m.24 views

CVE-2014-1255

Apple Type Services ATS in Apple OS X before 10.9.2 does not properly validate calls to the free function, which allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages...

7.5CVSS6.8AI score0.01593EPSS
Exploits1References1
Prion
Prion
added 2014/02/27 1:55 a.m.18 views

Buffer overflow

Buffer overflow in Apple Type Services ATS in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages...

7.5CVSS6.6AI score0.01346EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder