CVE-2018-6336

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...

VirusTotal Code Execution Vulnerability

VirusTotal is a suite of antivirus software. The software is able to detect types of malware by analyzing suspicious files and URLs. A security vulnerability exists in VirusTotal. The vulnerability can be exploited by maliciously crafted multi-fat binary programs Universal/fat binary to bypass...

Objective Development Little Snitch Password Signature Verification Failure Vulnerability

Objective Development Little Snitch is a suite of personal security software for Mac from the Austrian company Objective Development. A security vulnerability exists in Objective Development Little Snitch versions 4.0 through 4.0.6, which stems from the program failing to send the...

CVE-2018-10470

Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors function without the kSecCSCheckAllArchitectures flag and therefore do not validate all architectures stored in a fat binary. An attacker can maliciously craft a fat binary containing multiple architectures that may...