12 matches found
EUVD-2025-19229
Malicious code in bioql PyPI...
CVE-2025-52573
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573
CVE-2025-52573 affects the iOS Simulator MCP Server (ios-simulator-mcp). The vulnerability arises in the MCP Server’s tool definitions (notably the ui_tap tool) which rely on Node.js child process API exec. When untrusted input is used for parameters such as duration, udid, x, and y, shell meta-c...
CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
PT-2025-26970 · Apple · Ios Simulator Mcp Server
Name of the Vulnerable Software and Affected Versions: iOS Simulator MCP Server versions prior to 1.3.3 Description: The issue concerns a command injection vulnerability in the MCP Server tool definition and implementation. The MCP Server exposes the tool ui tap, which relies on the Node.js child...
iOS Simulator MCP Server 操作系统命令注入漏洞
iOS Simulator MCP Server is an MCP server for interacting with iOS Simulator by Joshua Yoes, an individual developer. An operating system command injection vulnerability exists in iOS Simulator MCP Server versions prior to 1.3.3, which stems from a command injection vulnerability in some MCP Serv...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64 to version 6.0.3 or higher. References - Dotnet Announcement -...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64 to version 6.0.3 or higher. References - Dotnet Announcement...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86 to version 6.0.3 or higher. References - Dotnet Announcement -...