macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR

macos-collector.sh is a Shell script utilized to collect macOS Forensic Artifacts from a compromised macOS endpoint using primarily Aftermath by Jamf Threat Labs...

CVE-2024-2403

Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and earlier on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the temporary directory...

CVE-2022-32158

Splunk Enterprise deployment servers in versions before 8.1.10.1, 8.2.6.1, and 9.0 let clients deploy forwarder bundles to other deployment clients through the deployment server. An attacker that compromised a Universal Forwarder endpoint could use the vulnerability to execute arbitrary code on a...

Palo Alto GlobalProtect Agent <= 4.1.10 Information Disclosure (MacOS)

The version of Palo Alto GlobalProtect Agent installed on the remote macOS or Mac OS X host is prior to 4.1.11. It is, therefore, affected by an information disclosure vulnerability. Successful exploitation of this issue would allow a local authenticated attacker to access authentication and/or...

PT-2019-12191 · Pulse · Pulse Desktop Client +1

Name of the Vulnerable Software and Affected Versions: Pulse Desktop Client versions 5.x through 5.3R6 Pulse Desktop Client versions 9.x through 9.0R2 Pulse Connect Secure versions 8.1 through 8.1R13 Pulse Connect Secure versions 8.3 through 8.3R6 Pulse Connect Secure versions 9.0 through 9.0R2...