Lucene search
K

854 matches found

BDU FSTEC
BDU FSTEC
added 2019/07/04 12:0 a.m.10 views

The vulnerability in the XNU kernel of iOS, Mac OS, and TV OS allows attackers to perform unauthorized changes to the memory shared among processes.

The vulnerability of the XNU-based operating systems such as iOS, Mac OS, and TV OS is related to errors in the memory initialization mechanism. Exploiting this vulnerability allows an attacker to perform unauthorized changes to the memory shared among processes, using specially crafted executabl...

5.5CVSS5.5AI score0.0342EPSS
Exploits2References8Affected Software3
The Hacker News
The Hacker News
added 2019/06/03 3:57 p.m.3 views

macOS 0-Day Flaw Lets Hackers Bypass Security Features With Synthetic Clicks

A security researcher who last year bypassed Apple's then-newly introduced macOS privacy feature has once again found a new way to bypass security warnings by performing 'Synthetic Clicks' on behalf of users without requiring their interaction. Last June, Apple introduced a core security feature ...

6.7AI score
Exploits0
OSV
OSV
added 2019/05/31 10:29 p.m.6 views

CVE-2019-10038

Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file...

7.8CVSS6AI score0.01307EPSS
Exploits4References3
Palo Alto Networks
Palo Alto Networks
added 2019/04/09 5:45 p.m.8 views

Information Disclosure in GlobalProtect App

An information disclosure vulnerability exists in the GlobalProtect App for Windows and macOS VU192371. Successful exploitation of this issue would allow a local authenticated attacker to access authentication and/or session tokens and replay them to spoof the VPN session and gain access as the...

2.5CVSS6.6AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2018/09/06 11:29 p.m.19 views

CVE-2018-15749

The Pulse Secure Desktop macOS 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability...

5.5CVSS5.5AI score0.00316EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/04/23 12:36 p.m.5 views

chromium-browser: Fullscreen UI spoof

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page...

6.5CVSS7.4AI score0.01453EPSS
Exploits0References5
CNVD
CNVD
added 2018/03/07 12:0 a.m.6 views

PrivateVPN for macOS Privilege Permission and Access Control Vulnerability (CNVD-2018-04750)

PrivateVPN for macOS is a macOS-based VPN software for anonymous access to the Internet. A privilege permission and access control vulnerability exists in PrivateVPN for macOS-based platforms. An attacker can exploit the vulnerability by sending an XPC message to the XPC service with a...

10CVSS7.3AI score0.02413EPSS
Exploits0References1
NVD
NVD
added 2018/02/21 10:29 p.m.13 views

CVE-2018-7281

CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this argument to a system call, thus allowing low privileged users to execute commands as root...

9CVSS9AI score0.0157EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/02/21 10:0 p.m.17 views

CVE-2018-7281

CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this argument to a system call, thus allowing low privileged users to execute commands as root...

9AI score0.0157EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2017/12/11 8:42 p.m.12 views

Google Researcher Releases iOS Exploit—Could Enable iOS 11 Jailbreak

As promised last week, Google's Project Zero researcher Ian Beer now publicly disclosed an exploit that works on almost all 64-bit Apple devices running iOS 11.1.2 or earlier, which can be used to build an iOS jailbreak, allowing users to run apps from non-Apple sources. On Monday morning, Beer...

7.2AI score
Exploits0
Palo Alto Networks
Palo Alto Networks
added 2017/12/06 12:20 a.m.10 views

GlobalProtect App Vulnerability

An "image path execution hijacking" vulnerability affects the Palo Alto Networks Global Protect Client. Exploitation of this issue requires the root privileges on the local station. An attacker could exploit this vulnerability to obtain a certain level of persistence on the compromised host. ref...

6.7CVSS6.9AI score0.00434EPSS
Exploits0References1
OSV
OSV
added 2017/11/13 3:29 a.m.2 views

CVE-2017-13801

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search...

3.3CVSS5.8AI score0.00303EPSS
Exploits0References2
OSV
OSV
added 2017/10/23 1:29 a.m.4 views

CVE-2017-7149

An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally...

7.8CVSS7.3AI score0.00498EPSS
Exploits1References6
OSV
OSV
added 2017/04/02 1:59 a.m.3 views

CVE-2017-2451

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context or cau...

7.8CVSS7.6AI score0.01598EPSS
Exploits0References6
Prion
Prion
added 2017/04/02 1:59 a.m.12 views

Code injection

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app...

9.3CVSS6.7AI score0.01439EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/04/02 1:59 a.m.12 views

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "iBooks" component. It allows remote attackers to obtain sensitive information from local files via a file: URL in an iBooks file...

4.3CVSS2.7AI score0.01226EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/03/09 12:0 a.m.7 views

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to trigger service interruptions or execute arbitrary code

The vulnerability of the CoreMedia Playback component in iOS and Mac OS X operating systems arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption, application...

6.8CVSS8.4AI score0.02409EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2017/02/20 8:59 a.m.0 views

CVE-2016-7662

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which allows remote attackers to spoof certificates via unspecified vectors...

7.5CVSS5.6AI score0.01404EPSS
Exploits0References5
CNVD
CNVD
added 2016/12/17 12:0 a.m.1 views

Apple macOS Denial of Service Vulnerability

Apple macOS is a specialized operating system developed by Apple for Mac computers. A denial of service vulnerability exists in Apple macOS version 10.12.2, which is caused by a man-in-the-middle attack on the Safari SSL "handshake" process that results in memory exhaustion, and can be exploited ...

5.9CVSS6.3AI score0.01453EPSS
Exploits1References1
OSV
OSV
added 2016/09/02 12:0 a.m.1 views

UBUNTU-CVE-2016-5167

Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

8.8CVSS7.3AI score0.01352EPSS
Exploits0References4
Rows per page
Query Builder