12 matches found
Exploit for Type Confusion in Apple Safari
CVE-2024-23222 — WebKit Type Confusion → iOS 16.4.1 Sandbox Es...
EUVD-2014-8670
Malware in sbrugna...
CVE-2023-28206
creationtimestamp| type| source ---|---|--- 2023-04-10 09:02:28+00:00| exploited| https://t.me/itsecnews/2430 2023-04-10 12:29:34+00:00| exploited| https://t.me/truesecator/4268 2023-04-10 22:22:57+00:00| exploited| https://t.me/cibsecurity/61783 2023-04-11 07:53:32+00:00| seen|...
In-the-wild iOS Exploit Chain 1
Posted by Ian Beer, Project Zero TL;DR This exploit provides evidence that these exploit chains were likely written contemporaneously with their supported iOS versions; that is, the exploit techniques which were used suggest that this exploit was written around the time of iOS 10. This suggests...
Vulnerability Spotlight: Multiple Apple IntelHD5000 privilege escalation vulnerabilities
Tyler Bohan of Cisco Talos discovered this vulnerability. Executive Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of Apple OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds...
Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability
Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...
Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability
Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...
Apple iOS < 8.1.3 Multiple Vulnerabilities
Binary data 8639.prm...
CVE-2014-8840
The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store...
Design/Logic Flaw
The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store...
CVE-2014-8840
The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store...
Apple iOS Malicious Site Safari Sandbox Restriction Bypass Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability in Apple iOS's handling of redirect URLs from Safari to the iTunes Store allows remote attackers to exploit the vulnerability to construct URIs that users are tricked into parsing...