Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 10:0 a.m.9 views

CVE-2019-8662

This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary...

9.8CVSS5.7AI score0.12123EPSS
Exploits2References1
NVD
NVDadded 2019/12/18 6:15 p.m.17 views

CVE-2019-8662

This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary...

9.8CVSS7.9AI score0.12123EPSS
Exploits2References4
CVE
CVEadded 2019/12/18 5:33 p.m.131 views

CVE-2019-8662

CVE-2019-8662 : A use-after-free vulnerability in applications deserializing an untrusted NSDictionary was fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, and watchOS 5.3. Public material from Project Zero details a remote, interactionless context via NSKeyedUnarchiver and iMessage-related de...

9.8CVSS7.2AI score0.12123EPSS
Exploits2References4Affected Software4
0day.today
0day.todayadded 2019/11/11 12:0 a.m.175 views

iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address

During processing of incoming iMessages, attacker controlled data is deserialized using the NSUnarchiver API. One of the classes that is allowed to be decoded from the incoming data is NSDictionary. However, due to the logic of NSUnarchiver, all subclasses of NSDictionary that also implement secu...

9.8CVSS0.4AI score0.21227EPSS
Exploits3
0day.today
0day.todayadded 2019/09/26 12:0 a.m.136 views

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds Exploit

When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated object. If initWithCoder: or any method it calls decodes the same object,...

9.8CVSS0.3AI score0.21227EPSS
Exploits2
Exploit DB
Exploit DBadded 2019/09/24 12:0 a.m.254 views

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds

When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated object. If initWithCoder: or any method it calls decodes the same object,...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2019/09/24 12:0 a.m.32 views

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated...

0.5AI score
Exploits0
exploitpack
exploitpackadded 2019/07/30 12:0 a.m.26 views

macOS iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances

macOS iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances When deserializing NSObjects with the NSArchiver API 1, one can supply a whitelist of classes that are allowed to be unarchived. In that case, any object in the archive whose class is not...

0.3AI score
Exploits0
Rows per page
Query Builder