6 matches found
thetortoisetable.org.uk Cross Site Scripting vulnerability OBB-3859196
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug
The hacking team behind the "unc0ver" jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version. Calling it the first zero-day jailbreak to be released since iOS 8, unc0ver's lead developer Pwn20wnd said...
SockPuppet: A Walkthrough of a Kernel Exploit for iOS 12.4
Posted by Ned Williamson, 20% on Project Zero Introduction I have a somewhat unique opportunity in this writeup to highlight my experience as an iOS research newcomer. Many high quality iOS kernel exploitation writeups have been published, but those often feature weaker initial primitives combine...
iOS < 12.4.1 - 'Jailbreak' Local Privilege Escalation
Exploit Title: SockPuppet 3 Date: September 8, 2019 Exploit Author: Umang Raghuvanshi Vendor Homepage: https://apple.com Software Link: https://ipsw.me/ Version: iOS 11.0—12.2, iOS 12.4 Tested on: iOS 11.0—12.2, iOS 12.4 CVE: CVE-2019-8605 This is an alternative and complete exploit for...
Apple iOS < 12.4.1 Use-After-Free (SockPuppet)
Binary data 701155.prm...
Apple Fixes iOS Flaw That Opened iPhones to Jailbreaks
Apple has released an emergency patch fixing a kernel vulnerability – for the second time – after it was accidentally unpatched in iOS 12.4. The flaw CVE-2019-8605, a use-after-free issue existing in the kernel, could enable a malicious application to execute arbitrary code with system privileges...