Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0110

Malware in sbrugna...

7.8CVSS7.7AI score0.00857EPSS
Exploits1References6
Veracode
Veracode
added 2024/04/30 6:49 a.m.21 views

Improper Certificate Validation

osxcollector is vulnerable to Improper Certificate Validation. The vulnerability is due to incomplete inspection of Universal/fat binaries, which allows malicious code to appear as if it is signed by Apple, leading to the execution of unsigned code...

7.8CVSS7.4AI score0.00857EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:48 a.m.20 views

Yelp OSXCollector Improper Certificate Validation

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.6AI score0.00857EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/05/13 1:48 a.m.15 views

GHSA-G3CC-PVJJ-9XQ9 Yelp OSXCollector Improper Certificate Validation

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

8.4CVSS7.5AI score0.00857EPSS
Exploits1References6
Kitploit
Kitploit
added 2019/07/28 1:7 p.m.213 views

OSXCollector - A Forensic Evidence Collection & Analysis Toolkit For OS X

OSXCollector is a forensic evidence collection & analysis toolkit for OSX. Forensic Collection The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file...

6.6AI score
Exploits0References9
Kitploit
Kitploit
added 2019/07/23 9:54 p.m.82 views

AMIRA - Automated Malware Incident Response & Analysis

AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All : the Analyze Filter. AMIRA takes care of retrieving the output files from an S3 bucket,...

6.8AI score
Exploits0References9
CNVD
CNVD
added 2018/06/19 12:0 a.m.2 views

Yelp OSXCollector Code Execution Vulnerability

Yelp OSXCollector is a malware analysis toolkit for OSX. A security vulnerability exists in Yelp OSXCollector. The vulnerability can be exploited by maliciously crafted multi-architecture programs Universal/fat binary to bypass third-party code signature detection and execute unsigned malicious...

7.8CVSS7.8AI score0.00857EPSS
Exploits1References1
PyPA
PyPA
added 2018/06/13 10:29 p.m.17 views

PYSEC-2018-95

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.2AI score0.00857EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2018/06/13 10:29 p.m.18 views

Code injection

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

6.8CVSS7.6AI score0.00857EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/06/13 10:29 p.m.16 views

CVE-2018-10406

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.6AI score0.00857EPSS
Exploits1References1
OSV
OSV
added 2018/06/13 10:29 p.m.15 views

PYSEC-2018-95

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS2.1AI score0.00857EPSS
Exploits1References2
OSV
OSV
added 2018/06/13 10:29 p.m.22 views

CVE-2018-10406

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.8CVSS7.9AI score
Exploits0References1
CVE
CVE
added 2018/06/13 10:0 p.m.48 views

CVE-2018-10406

CVE-2018-10406 — Yelp OSXCollector : Affected product is Yelp OSXCollector. The vulnerability describes that a maliciously crafted Universal/fat binary can bypass third-party code signing checks by not completing full inspection of the multi-architecture binary, causing the tool to report that th...

7.8CVSS7.5AI score0.00857EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/13 10:0 p.m.20 views

CVE-2018-10406

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious...

7.6AI score0.00857EPSS
Exploits1References1
n0where
n0where
added 2016/08/04 2:55 a.m.24 views

OS X Forensic Evidence Collection: OSXCollector

OS X Forensic Evidence Collection: OSXCollector Forensic Collection The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file system. Forensic Analysis...

6.5AI score
Exploits0References1
n0where
n0where
added 2016/08/04 2:38 a.m.12 views

Automated Malware Incident Response & Analysis: AMIRA

Automated Malware Incident Response & Analysis AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular The One Filter to Rule Them All : the Analyze Filter. AMIRA takes care of...

0.8AI score
Exploits0References4
Rows per page
Query Builder