EUVD-2009-2802

Malware in sbrugna...

PT-2025-5292 · Apple · Ipados +5

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.4 visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 Description: This issue is related to insufficient...

PT-2025-5291 · Apple · Macos Sonoma +3

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.7.3 macOS Sequoia versions prior to 15.3 macOS Sonoma versions prior to 14.7.3 Description: An access issue was addressed with additional sandbox restrictions. This issue allows an app to bypass Privacy...

PT-2024-10231

Name of the Vulnerable Software and Affected Versions MacOS affected versions not specified Description The issue is related to a synchronization error in the Launch Services interface of MacOS operating systems, which is a "race condition" scenario. This could allow an attacker to bypass the...

Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices

Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. "An attacker could take advantage of this sandbox escape vulnerability to gain...

Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple through Coordinated Vulnerability Disclosure CVD via Microsoft Security Vulnerability Research MSVR in October...

Apple tvOS 权限许可和访问控制问题漏洞

Apple tvOS is a set of smart TV operating systems from Apple, Inc. A vulnerability exists in Apple tvOS versions 15.0 19J346 - 15.4.1 19L452 with privilege permission and access control issues, which stems from a sandbox bypass in LaunchServices. An attacker can exploit this vulnerability to bypa...

PT-2021-18924 · Apple +1 · Apple Macos +1

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.0.1 macOS Big Sur versions prior to 11.6.6 Description: A logic issue was addressed with improved state management. This issue allows a sandboxed process to potentially circumvent sandbox restrictions. The...

CVE-2016-1760

The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app...

Apple Mac OS X 10.5.x Mail Arbitrary Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26510/info Apple Mac OS X is prone to a vulnerability that can allow arbitrary code to run. This issue affects the Mail application when handling email attachments. Attackers can exploit this issue to execute arbitrary co...

Mac OS X 10.5.2 Update / Mac OS X Security Update 2008-001

The remote host is missing Mac OS X 10.5.2 Update / Security Update 2008-001. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Mac OS X 10.5.2 Update / Mac OS X Security Update 2008-001

The remote host is missing Mac OS X 10.5.2 Update / Security Update 2008-001. One or more of the following components are affected: Directory Services Foundation Launch Services Mail NFS Open Directory Parental Controls Samba Terminal X11 OpenVAS Vulnerability Test Mac OS X 10.5.2 Update / Securi...

Mac OS X Security Update 2007-009

The remote host is missing Security Update 2007-009. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Mac OS X Security Update 2009-005

The remote host is missing Security Update 2009-005. One or more of the following components are affected: Alias Manager CarbonCore ClamAV ColorSync CoreGraphics CUPS Flash Player plug-in ImageIO Launch Services MySQL PHP SMB Wiki Server OpenVAS Vulnerability Test Mac OS X Security Update 2009-00...

Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002

The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002. One or more of the following components are affected: Apache ATS BIND CFNetwork CoreGraphics Cscope CUPS Disk Images enscript Flash Player plug-in Help Viewer iChat International Components for Unicode IPSec...

Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002

The remote host is missing Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Mac OS X Security Update 2007-009

The remote host is missing Security Update 2007-009. One or more of the following components are affected: Address Book CFNetwork ColorSync Core Foundation CUPS Desktop Services Flash Player Plug-in GNU Tar iChat IO Storage Family Launch Services Mail perl python Quick Look ruby Safari Safari RSS...

Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004

The remote host is missing Mac OS X 10.5.4 Update / Mac OS X Security Update 2008-004. One or more of the following components are affected: Alias Manager CoreTypes c++filt Dock Launch Services Net-SNMP Ruby SMB File Server System Configuration Tomcat VPN WebKit OpenVAS Vulnerability Test Mac OS ...

CVE-2009-2810

Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message...

Information disclosure

Launch Services in Apple Mac OS X 10.6.x before 10.6.2 recursively clears quarantine information upon opening a quarantined folder, which allows user-assisted remote attackers to execute arbitrary code via a quarantined application that does not trigger a "potentially unsafe" warning message...