Libarchive: libarchive: denial of service via malformed iso file processing

...

EUVD-2025-203135

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator...

EUVD-2017-18886

Malware in sbrugna...

Apple macOS 后置链接漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS that stems from the handling of maliciously crafted DMG files could lead to the execution of arbitrary code with system privileges. The following products and...

Shlayer and Bundlore MacOS Malware Strains – How Uptycs EDR Detection Can Help

Adware strains Shlayer and Bundlore are the most common malware in macOS – although they have slight variations, they have long invaded and bypassed Xprotect, Notarization, Gatekeeper, and File Quarantine, all security features pre-built into macOS. The Uptycs threat research team has tracked the...

CVE-2015-1337

Simple Streams simplestreams does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 aka Forbidden response...

CVE-2015-1337

CVE-2015-1337 affects Simple Streams (simplestreams): the code path that verifies GPG signatures of disk image files is flawed, enabling a remote attacker to spoof disk images and trigger a 403 response. The issue is documented in multiple sources (Ubuntu USN-2746-1 and related CVE records). Miti...

CVE-2015-1337

Simple Streams simplestreams does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 aka Forbidden response...

Apple OS X DMG File Handling Memory Corruption Vulnerability

Apple OS X is a BSD-based operating system distributed by Apple. Apple OS X suffers from a memory corruption vulnerability in the handling of special DMG files, which allows remote attackers to exploit the vulnerability to construct malicious files that can be parsed by an application and can be...

Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of internet enabled disk image files...

CVE-2008-2004

The driveinit function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted...

CVE-2004-0485

The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file .dmg to be mounted as a disk volume...