14 matches found
Malicious code in @arkadium/eagle-user-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7a1219186b72612034e596232352022cd3f3e5eca9f1f4bd2e4787909d4aa9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-81 Malicious code in @arkadium/eagle-user-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7a1219186b72612034e596232352022cd3f3e5eca9f1f4bd2e4787909d4aa9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @arkadium/eagle-user-client is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if th...
macOS / iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in I
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1377 IOTimeSyncClockManagerUserClient provides the userspace interface for the IOTimeSyncClockManager IOService. IOTimeSyncClockManagerUserClient overrides the...
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free Exploit
Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=830 When you create a new IOKit user client from userspace you call: kern_return_t IOServiceOpen(io_service_t service, task_port_t owningTask, uint32_t type, io_connect_t *connect); The...
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=830 When you create a new IOKit user client from userspace you call: kern_return_t IOServiceOpen(io_service_t service, task_port_t owningTask, uint32_t type, io_connect_t *connect);...
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=830 When you create a new IOKit user client from userspace you call: kern_return_t IOServiceOpen(io_service_t service, task_port_t owningTask, uint32_t type, io_connect_t *connect); The owningTask mach port gets converted into a task struc...
Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=782 AppleGraphicsDeviceControlClient doesn't check that its pointer to its IOService at this+0xd8 is non-null before using it in all external methods. We can set this pointer to NULL by racing two threads, one of which calls...
Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver
Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=708 The external methods IGAccelGLContext::unmap_user_memory and IGAccelCLContext::unmap_user_memory take an 8 byte struct input which is a user-space pointer previously passed to the...
Apple Mac OSX - Kernel AppleKeyStore Use-After-Free
Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=710 The AppleKeyStore userclient uses an IOCommandGate to serialize access to its userclient methods, however by racing two threads, one of which closes the userclient which frees...
VMware vRealize Automation Cross-Site Scripting Vulnerability
VMware vRealize Automation is a suite of cloud automation software from VMware. The software supports automated delivery of personalized infrastructure, deployment across multi-vendor, hybrid cloud infrastructures, simplified application release automation and continuous delivery. A cross-site...
Apple Mac OSX - 'IOHDIXControllerUserClient::convertClient' Buffer Integer Overflow
Source: https://code.google.com/p/google-security-research/issues/detail?id=511 Method 5 of the IOHDIXController user client is createDrive64. This takes a 0x100 byte structure input from which it reads a userspace pointer and a size which it passes to IOHDIXController::convertClientBuffer. Thi...
Apple Mac OSX 10.10 - IOKit IntelAccelerator Null Pointer Dereference
include include include include include int main kernreturnt err; CFMutableDictionaryRef matching = IOServiceMatching"IntelAccelerator"; if!matching printf"unable to create service matching dictionary\n"; return 0; ioiteratort iterator; err = IOServiceGetMatchingServiceskIOMasterPortDefault,...
PHPReactor 1.2.7 - Style Attribute HTML Injection
source: https://www.securityfocus.com/bid/5569/info phpReactor does not sufficiently sanitize HTML from various fields such as in the body of a message or in profile fields. It is possible to inject arbitrary HTML and script code into these fields. An attacker may potentially exploit this situati...