Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0110

Malware in sbrugna...

7.8CVSS7.7AI score0.00857EPSS
Exploits1References6
Veracode
Veracode
added 2024/04/30 6:49 a.m.22 views

Improper Certificate Validation

osxcollector is vulnerable to Improper Certificate Validation. The vulnerability is due to incomplete inspection of Universal/fat binaries, which allows malicious code to appear as if it is signed by Apple, leading to the execution of unsigned code...

7.8CVSS7.4AI score0.00857EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/05/13 1:48 a.m.16 views

GHSA-G3CC-PVJJ-9XQ9 Yelp OSXCollector Improper Certificate Validation

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

8.4CVSS7.5AI score0.00857EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/05/13 1:48 a.m.21 views

Yelp OSXCollector Improper Certificate Validation

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.6AI score0.00857EPSS
Exploits1References6Affected Software1
Kitploit
Kitploit
added 2019/07/28 1:7 p.m.214 views

OSXCollector - A Forensic Evidence Collection & Analysis Toolkit For OS X

OSXCollector is a forensic evidence collection & analysis toolkit for OSX. Forensic Collection The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file...

6.6AI score
Exploits0References9
Kitploit
Kitploit
added 2019/07/23 9:54 p.m.82 views

AMIRA - Automated Malware Incident Response & Analysis

AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All : the Analyze Filter. AMIRA takes care of retrieving the output files from an S3 bucket,...

6.8AI score
Exploits0References9
CNVD
CNVD
added 2018/06/19 12:0 a.m.3 views

Yelp OSXCollector Code Execution Vulnerability

Yelp OSXCollector is a malware analysis toolkit for OSX. A security vulnerability exists in Yelp OSXCollector. The vulnerability can be exploited by maliciously crafted multi-architecture programs Universal/fat binary to bypass third-party code signature detection and execute unsigned malicious...

7.8CVSS7.8AI score0.00857EPSS
Exploits1References1
Prion
Prion
added 2018/06/13 10:29 p.m.19 views

Code injection

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

6.8CVSS7.6AI score0.00857EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/06/13 10:29 p.m.18 views

CVE-2018-10406

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.6AI score0.00857EPSS
Exploits1References1
OSV
OSV
added 2018/06/13 10:29 p.m.17 views

PYSEC-2018-95

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS2.1AI score0.00857EPSS
Exploits1References2
OSV
OSV
added 2018/06/13 10:29 p.m.23 views

CVE-2018-10406

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.9AI score
Exploits0References1
PyPA
PyPA
added 2018/06/13 10:29 p.m.21 views

PYSEC-2018-95

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.2AI score0.00857EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2018/06/13 10:0 p.m.48 views

CVE-2018-10406

CVE-2018-10406 — Yelp OSXCollector : Affected product is Yelp OSXCollector. The vulnerability describes that a maliciously crafted Universal/fat binary can bypass third-party code signing checks by not completing full inspection of the multi-architecture binary, causing the tool to report that th...

7.8CVSS7.5AI score0.00857EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/13 10:0 p.m.22 views

CVE-2018-10406

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.6AI score0.00857EPSS
Exploits1References1
n0where
n0where
added 2016/08/04 2:55 a.m.24 views

OS X Forensic Evidence Collection: OSXCollector

OS X Forensic Evidence Collection: OSXCollector Forensic Collection The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file system. Forensic Analysis...

6.5AI score
Exploits0References1
n0where
n0where
added 2016/08/04 2:38 a.m.14 views

Automated Malware Incident Response & Analysis: AMIRA

Automated Malware Incident Response & Analysis AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All : the Analyze Filter. AMIRA takes care of...

0.8AI score
Exploits0References4
Rows per page
Query Builder