CVE-2018-25081

Bitwarden through 2023.2.1 offers password auto-fill within a cross-domain IFRAME element. NOTE: the vendor's position is that there have been important legitimate cross-domain configurations e.g., an apple.com IFRAME element on the icloud.com website and that "Auto-fill on page load" is not...

richlamp-apple.com Cross Site Scripting vulnerability OBB-2756407

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

apple.com-ausgewaehlter-gewinners.xyz XSS vulnerability

Open Bug Bounty ID: OBB-90458 Description| Value ---|--- Affected Website:| apple.com-ausgewaehlter-gewinners.xyz Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP X...

apple.com XSS vulnerability

Vulnerable URL: http://www.apple.com/uk/shop/buttonavailability?cs=product selection=education=home=true=AOS: home587c6ab628 Details: Description| Value ---|--- Patched:| Yes, at 08.12.2015 Latest check for patch:| 08.12.2015 15:11 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

apple.com XSS vulnerability

Vulnerable URL: http://www.apple.com/us-hed/shop/buttonavailability?cs=product+selection=education=home=true=AOS%3a%20home587c6ab628 Details: Description| Value ---|--- Patched:| Yes, at 09.12.2015 Latest check for patch:| 09.12.2015 06:59 GMT Vulnerability type:| XSS Vulnerability status:|...

Apple Phishing Scams on the Rise

Apple has one of the more gilded consumer brands and the company spends a lot of time and money to keep it that way. Consumers love Apple. Scammers and attackers do too, though, and security researchers in recent months have seen a major spike in the volume of phishing emails abusing Apple’s bran...

New Mac OS X adware Trojan spreading via browser plugin

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for...

New Mac OS X adware Trojan spreading via browser plugin

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for...

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker)

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed byIdahclebanese hacker After Sony hacks, Idahclebanese hacker is back to strike Apple.com . He found two vulnerability on https://consultants.apple.com/ as listed below. Iframe Injection :Click here Blind SQL INjection:Clic...

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker)

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahclebanese hacker After Sony hacks, Idahclebanese hacker is back to strike Apple.com . He found two vulnerability on as listed below. Iframe Injection : Click here Blind SQL INjection: Click Here Examples of the...

Apple QuickTime FlashPix NumberOfTiles - Remote Code Execution

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Day 2 Binary Analysis | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/apple-quicktime-flashpix-numberoftiles-vulnerability/ ''' ''' Title : Apple QuickTime FlashPix NumberOfTiles Remote Code...

Apple iPhone OS USB控制消息信息泄露漏洞

BUGTRAQ ID: 38040 CVE ID: CVE-2010-0038 iPhone OS是苹果iPhone智能手机和iPod touch播放器所使用的操作系统。 在处理某些USB控制消息时存在内存破坏漏洞，能够物理访问设备的用户可以绕过通行码验证访问用户数据。 Apple iPhone OS 1.1 - 3.1.2 厂商补丁： Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.apple.com...

多个产品库MP4文件远程拒绝服务漏洞

BUGTRAQ ID: 31957 CNCAN ID：CNCAN-2008102904 多个电话和音频产品使用的库在处理畸形MP4文件时存在问题，可导致应用程序崩溃。 这些产品包括： Apple iPhone Apple iPod touch VideoLan VLC 目前没有详细漏洞细节提供。其他产品也可能受此漏洞影响。 VideoLAN VLC media player 0.9.4 VideoLAN VLC media player 0.9.3 VideoLAN VLC media player 0.9.2 VideoLAN VLC media player 0.9.1 VideoL...