12 matches found
PT-2026-49057
Summary A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service APNS tokens — through a...
CVE-2022-22302
A clear text storage of sensitive information CWE-312 vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet privat...
Information disclosure
A clear text storage of sensitive information CWE-312 vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet privat...
CVE-2022-22302
A clear text storage of sensitive information CWE-312 vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet privat...
PT-2023-1501 · Fortinet · Fortiauthenticator +2
Name of the Vulnerable Software and Affected Versions: FortiGate versions 6.0.0 through 6.0.13 FortiGate versions 6.2.0 through 6.2.9 FortiGate versions 6.4.0 through 6.4.1 FortiAuthenticator version 5.5.0 FortiAuthenticator versions 6.0 FortiAuthenticator versions 6.1 Description: A clear text...
Exploit for Integer Overflow or Wraparound in Apple Ipados
PoC exploit for CVE-2021-30860, a vulnerability in Apple's Xcode...
Google uncovers new iOS security feature Apple quietly added after zero-day attacks
Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was...
Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users
Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management MDM protocol—a...
Apple iCloud for Windows and iTunes for Windows APNs Server Security Bypass Vulnerability
Apple iCloud for Windows and iTunes for Windows are both products of Apple Inc. Apple iCloud for Windows is a Windows-based cloud service that supports the storage of music, photos, apps, contacts, and more. iTunes for Windows is a suite of media player applications based on the Windows platform...
The vulnerability of the multimedia player iTunes, which allows a tracker to monitor users
The vulnerability of the APNs Server component in the iTunes multimedia player relates to the use of open-text client certificates and their transmission to the vulnerable component. Exploiting this vulnerability allows a malicious actor to track users by correlating them with the certificates...
Troubleshooting Secure Mail Issues with iOS Push Notifications
This article discusses how to diagnose and fix issues related to Secure Mail push notifications on iOS devices. Background Push notifications for Secure Mail allow users to receive updates when the app refreshes, and notifications about email and calendar activitythrough the Apple Push Notificati...
#Antisec Hackers hack FBI laptop and leak 12 Million Apple Device Records
The hacker group AntiSec released a file of a million and one UDIDs unique device identifiers which it claims to have hacked it off an FBI computer via a Java vulnerability. UDIDs are unique IDs for iPhone, iPad and iPod Touch devices. They said they obtained the file in March by hacking into the...