Lucene search
K

98 matches found

Prion
Prion
added 2018/04/03 6:29 a.m.22 views

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "LaunchServices" component. It allows attackers to bypass the code-signing protection mechanism via a crafted app...

6.8CVSS6.2AI score0.01113EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/04/03 6:0 a.m.61 views

CVE-2018-4175

CVE-2018-4175 affects macOS LaunchServices prior to 10.13.4. A crafted app could bypass code-signing protection, enabling execution of modified Terminal and potentially arbitrary commands. Apple released macOS 10.13.4/security updates (HT208692) addressing this by enforcing code-signing protectio...

7.8CVSS7.1AI score0.01113EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/03 6:0 a.m.18 views

CVE-2018-4175

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "LaunchServices" component. It allows attackers to bypass the code-signing protection mechanism via a crafted app...

7.1AI score0.01113EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/04/02 12:0 a.m.290 views

macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-002)

The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components : - ATS - CFNetwork Session - CoreFoundation - CoreTypes - curl - Disk Images - iCloud Drive - Kernel - kext...

9.8CVSS7.7AI score0.08523EPSS
Exploits5References23
Tenable Nessus
Tenable Nessus
added 2018/04/02 12:0 a.m.93 views

macOS 10.13.x < 10.13.4 Multiple Vulnerabilities

The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.4. It is, therefore, affected by multiple vulnerabilities in the following components : - Admin Framework - APFS - ATS - CoreFoundation - CoreText - Disk Images - Disk Management - File System Events - iCloud...

10CVSS7.8AI score0.04722EPSS
Exploits5References43
CNVD
CNVD
added 2016/03/30 12:0 a.m.5 views

Apple iOS LaunchServices XPC Services API Security Restriction Bypass Vulnerability

iOS is an operating system developed by Apple for mobile devices, and supported devices include iPhone, iPod touch, iPad, and Apple TV. In Apple iOS versions prior to 9.3, a security restriction bypass vulnerability exists in the XPC Services API in LaunchServices, which allows a remote attacker ...

6.2CVSS8.6AI score0.00335EPSS
Exploits0References1
NVD
NVD
added 2016/03/29 3:59 p.m.17 views

CVE-2016-1760

The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app...

6.2CVSS5.4AI score0.00335EPSS
Exploits0References3
Prion
Prion
added 2016/03/29 3:59 p.m.21 views

Design/Logic Flaw

The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app...

2.1CVSS6.1AI score0.00335EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/03/29 3:0 p.m.92 views

CVE-2016-1760

CVE-2016-1760 affects iOS LaunchServices XPC Services API prior to iOS 9.3. The vulnerability arises from an event handler validation issue in the XPC Services API, which could allow a crafted app to bypass intended event-handler restrictions and modify events in arbitrary apps. The Apple advisor...

6.2CVSS6.5AI score0.00335EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/03/29 3:0 p.m.22 views

CVE-2016-1760

The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app...

5.4AI score0.00335EPSS
Exploits0References3
NVD
NVD
added 2015/12/11 12:0 p.m.13 views

CVE-2015-7113

The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a malformed plist...

10CVSS7.1AI score0.02828EPSS
Exploits0References5
Prion
Prion
added 2015/12/11 12:0 p.m.15 views

Memory corruption

The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a malformed plist...

10CVSS7.6AI score0.02828EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2015/12/11 11:0 a.m.51 views

CVE-2015-7113

The CVE-2015-7113 issue affects Apple iOS before 9.2 and watchOS before 2.1, targeting the LaunchServices component via a malformed plist. The underlying fault is memory corruption that can allow attackers to execute arbitrary code in a privileged context or cause a denial of service. Impact is d...

10CVSS7.3AI score0.02828EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/12/11 11:0 a.m.19 views

CVE-2015-7113

The LaunchServices component in Apple iOS before 9.2 and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a malformed plist...

7.1AI score0.02828EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/12/10 12:0 a.m.19 views

Apple iOS < 9.2 Multiple Vulnerabilities

Binary data appleios92check.nbin...

10CVSS7.3AI score0.11297EPSS
Exploits10References52
NVD
NVD
added 2015/04/10 2:59 p.m.17 views

CVE-2015-1143

LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue...

7.2CVSS6.5AI score0.00485EPSS
Exploits1References4
NVD
NVD
added 2015/04/10 2:59 p.m.14 views

CVE-2015-1142

LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service Finder crash via crafted localization data...

2.1CVSS6.4AI score0.00354EPSS
Exploits0References4
Prion
Prion
added 2015/04/10 2:59 p.m.13 views

Code injection

LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service Finder crash via crafted localization data...

2.1CVSS6.3AI score0.00354EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2015/04/10 2:59 p.m.19 views

Type confusion

LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue...

7.2CVSS6.3AI score0.00485EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2015/04/10 2:0 p.m.60 views

CVE-2015-1142

CVE-2015-1142 affects Apple OS X LaunchServices prior to 10.10.3, where crafted localization data can trigger a local denial-of-service (Finder crash). The NVD entry lists the impact as Denial of Service with partial availability impact, and the recommended remediation is to update to the latest ...

2.1CVSS6.3AI score0.00354EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder