10 matches found
EUVD-2018-2478
Malware in sbrugna...
Sinter - A User-Mode Application Authorization System For MacOS Written In Swift
Sinter is a 100% user-mode endpoint security agent for macOS 10.15 and above, written in Swift. Sinter uses the user-mode EndpointSecurity API to subscribe to and receive authorization callbacks from the macOS kernel, for a set of security-relevant event types. The current version of Sinter...
Google Santa and molcodesignchecker Code Signing Vulnerabilities
Google Santa is a binary black/white listing system for macOS. molcodesignchecker is a program that performs code signature verification in Objective-C. A security vulnerability exists in Google Santa and molcodesignchecker. The vulnerability can be exploited by an attacker with a maliciously...
Code injection
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but...
CVE-2018-10405
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but...
CVE-2018-10405
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but...
CVE-2018-10405
CVE-2018-10405 concerns Google Santa and molcodesignchecker, where a maliciously crafted Universal/Fat binary can bypass third‑party code signing checks. The vulnerability arises from incomplete inspection of Fat binaries, allowing an unsigned malicious payload to be executed while a legitimate A...
Google Santa Code Signing Bypass (macOS)
The installed version of Google Santa is less than 0.9.25 and is therefore vulnerable to allowing execution of malicious binaries due to accepting forged Apple signatures. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid110519; scriptversion"1.6";...
Google Santa Installed (macOS)
Binary data macosxgooglesantainstalled.nbin...
Google Santa Tracker - Exported components, External URLs, Native code usage vulnerabilities
HackApp vulnerability scanner discovered that application Google Santa Tracker published at the 'play' market has multiple vulnerabilities...