782 matches found
Apple macOS High Sierra APFS is vulnerable
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers.APFS is one of the file system components for Apple devices. A security vulnerability exists in the APFS component of Apple macOS High Sierra versions prior to 10.13.1. The vulnerability can be exploite...
Apple macOS EFI Password Recovery Vulnerability
Apple macOS is a specialized operating system for Mac computers developed by Apple Inc. in the United States. efi is one of the firmware upgrade interface components. A password recovery vulnerability exists in the EFI component of Apple macOS versions prior to 10.12.4. The vulnerability can be...
Design/Logic Flaw
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...
CVE-2016-7585
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...
CVE-2016-7585
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...
CVE-2016-7585
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...
The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.
The vulnerability of the Thunderbolt component in the Mac OS X operating system is related to pointer assignment errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or trigger a service failure pointer zero assignment through a specially...
CVE-2016-4780
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...
CVE-2016-4780
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...
Null pointer dereference
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...
CVE-2016-4780
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "Thunderbolt" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service NULL pointer dereference via a crafted app...
CVE-2016-4780
CVE-2016-4780 affects Thunderbolt in macOS Sierra prior to 10.12.1. The issue could allow a crafted app to execute arbitrary code in kernel context or cause a denial of service (NULL pointer dereference). Apple’s macOS 10.12.1 security update (and related updates) address the Thunderbolt null poi...
Mac OS X 10.x < 10.12.1 Multiple Vulnerabilities
Binary data 9758.prm...
macOS 10.12.x < 10.12.1 Multiple Vulnerabilities
The remote host is running a version of Mac OS X that is 10.12.x prior to macOS 10.12.1. It is, therefore, affected by multiple vulnerabilities in the following components : - ATS - AppleMobileFileIntegrity - AppleSMC - CFNetwork Proxies - CoreGraphics - FaceTime - FontParser - IDS - Connectivity...
CVE-2016-4727
IOThunderboltFamily in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...
Xunlei Elevation of Privilege Vulnerability
Thunderbolt is a popular P2P download tool. Xunlei has a security vulnerability, as the system service installed by Xunlei provides the function of loading dynamic link libraries, but is not validated, allowing an attacker to exploit the vulnerability by executing code as SYSTEM under any user,...
The vulnerability of the Mac OS X operating system, which allows a hacker to modify the microprogramming software
The vulnerability of the EFI component in the Mac OS X operating system is related to errors in the code. Exploiting this vulnerability allows an intruder to modify the microprogramming software using a third-party storage device connected to the Thunderbolt interface...
Code injection
The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete...
Thunderstrike 2: World's First Firmware Worm That Infects Mac Computers Without Detection
If you think Apple’s Mac computers are much more secure than Windows-powered systems, you need to think again. This isn’t true, and security researchers have finally proved it. Two security researchers have developed a proof-of-concept computer worm for the first time that can spread automaticall...
Thunderstrike 2 Mac OS X Firmware Worm
A new attack against Intel firmware running in Apple computers is expected to be unveiled at this week’s Black Hat conference. The research is an extension of the Thunderstrike Mac OS X firmware bootkit disclosed this spring that enables the undetectable installation of malicious firmware that...