springboard.uk.net Cross Site Scripting vulnerability OBB-2746855

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Google uncovers new iOS security feature Apple quietly added after zero-day attacks

Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was...

CVE-2020-0219

In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-122836081...

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds Exploit

When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated object. If initWithCoder: or any method it calls decodes the same object,...

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated...

Apple iMessage Flaw Allows Remote Attackers to Read iPhone Messages

Five bugs in Apple’s iMessage service for the iPhone have been uncovered that require no user interaction to exploit, including one that would allow remote attackers to access content stored on iOS devices. First discovered by Google Project Zero security researcher Natalie Silvanovich, Apple has...

macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary I

macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances When deserializing NSObjects with the NSArchiver API 1, one can supply a whitelist of classes that are allowed to be unarchived. In that case, any object in the archive whose class is not...

macOS iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances

macOS iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances When deserializing NSObjects with the NSArchiver API 1, one can supply a whitelist of classes that are allowed to be unarchived. In that case, any object in the archive whose class is not...

iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References

iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References When deserializing a class with initWithCoder, subclasses of that class can also be deserialized so long as they do not override initWithCoder and implement all methods that require a concrete implementation...

iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References

When deserializing a class with initWithCoder, subclasses of that class can also be deserialized so long as they do not override initWithCoder and implement all methods that require a concrete implementation. PFArray is such a subclass of NSArray. When a PFArray is deserialized, it is deserialize...

macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances

When deserializing NSObjects with the NSArchiver API 1, one can supply a whitelist of classes that are allowed to be unarchived. In that case, any object in the archive whose class is not whitelisted will not be deserialized. Doing so will also cause the NSKeyedUnarchiver to "requireSecureCoding"...

Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds Read Exploit

The digital touch iMessage extension can read out of bounds if a malformed Tap message contains a color array that is shorter than the points array and delta array. The method ETTapMessage initWithArchiveData: checks that the points array is twice as long as the deltas array, but only checks that...

Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds Read

Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds Read The digital touch iMessage extension can read out of bounds if a malformed Tap message contains a color array that is shorter than the points array and delta array. The method ETTapMessage initWithArchiveData: checks that the...

Apple Promises Fix for Latest ‘Text Bomb’ Bug As Abuse Spreads

UPDATE Apple said it is working on a fix for the latest text bomb bug that crashes a number of iOS and Mac apps that display specific Telugu language characters. On Monday, it made good on the promise and announced the availability of a patch CVE-2018-4124 for iOS 11.2.6, watchOS 4.2.3, tvOS...

The vulnerability of the iOS operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the Springboard component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a local attacker to obtain confidential information by viewing the application’s screenshot in the Task Switcher program...

The vulnerability of the iOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SpringBoard component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability can allow an attacker, operating locally, to compromise the confidentiality, integrity, and accessibility of protected information through...

The vulnerability of the iOS operating system allows a hacker to bypass the code access procedure and unlock the device.

The vulnerability of the SpringBoard component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious individual to bypass the code access procedure and unlock the device using uncertain vectors...

Apple iOS Springboard Component Information Disclosure Vulnerability

Apple iOS is an operating system for mobile devices developed by Apple Inc. in the United States. A security vulnerability exists in the Springboard component of Apple iOS that could be exploited by a local attacker to obtain sensitive information...

CVE-2016-7759

An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the "Springboard" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher...

CVE-2016-7759

An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the "Springboard" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher...