Apple iOS / OS X suffer from a NSKeyedArchiver memory corruption vulnerability due to a lack of bounds checking in CAMediaTimingFunctionBuiltin.
ca7a887d2ea998dc6250cc110e33b535fe3368bec11281aa3e5ffebf43fe2c45
Apple iOS / MacOS suffers from a NSKeyedArchiver heap corruption vulnerability due to a rounding error in TIKeyboardLayout initWithCoder:.
b11e4fa749407eb6cbea1e698f70085373bb11356622dba14596a60b5ee4368b
Apple MacOS NSUnarchiver suffers from a heap corruption vulnerability due to lack of bounds checking in [NSBuiltinCharacterSet initWithCoder:].
e2849820975ba9e34e34473279ce9b4842b59d2332429f539fffbd8657173888
Apple iOS / MacOS suffers from a memory corruption vulnerability due to bad bounds checking in NSCharacterSet coding for NSKeyedUnarchiver.
3451fa7feeddaaaa2c8d46965e2248bbefe5070ec646c6930150120ccd46f1f0
Apple iOS / MacOS suffers from a kernel memory disclosure vulnerability due to lack of bounds checking in netagent socket option handling.
a80eee4e7eb6cc5d85cfca41d2804e1883748684e1c813413ad14e66a918e582
Apple iOS / MacOS suffer from a kernel use-after-free vulnerability due to bad locking in unix domain socket file descriptor externalization.
d49bb5779a4c17dfcf174a09087ff899cab557acadeac924745cade61a639d0a
It turns out that even with SIP enabled a regular root user can write to the swapfile under /private/var/vm/swapfile0 on MacOS.
b4a5ae1e05cc0033bf98b39a84490ae7a0a1f8afb83c82d664cc8ddd98121f80
The MacOS/iOS kernel suffers from double free due to bad locking in fsevents device.
262850b875faadf8b393c23f94ab67e4e7ce65d2c09fc67f94f884cdd86d1fd1
MacOS suffers from a kernel memory corruption due to an off-by-one in audit_pipe_open.
21a54047c8b3039a933e7ce82e134cfd26daad4f5ee3621c596b46d11e4ca14c
The MacOS/iOS kernel suffers from a heap overflow in bpf.
6b66f0500cb0eaf62440d1831b24b32d2950c87be93216f6251071c3b8466ec2
The MacOS/iOS kernel suffers from a use-after-free vulnerability due to bad locking in necp_open.
d334d5641f00902e731e8078d52aee2b598b18a6157983f48de2e66a278c8cd4
MacOS/iOS suffers from a kernel memory corruption vulnerability due to an off-by-one in SIOCGIFORDER socket ioctl.
68f266e2fa0b5b89488ef3ae5d3a38bab76ab546053d5c1eeff1bad27b96bc14
MacOS/iOS suffer from a kernel memory corruption vulnerability due to bad bounds checking in SIOCSIFORDER socket ioctl.
5fb22c95078ddfccbde954f3ef800cf05c01453d1aa2b8ac3b113ad2cadf9b38
The MacOS kernel suffers from a use-after-free vulnerability due to a double-release in posix_spawn.
0e2e4f53cc9917b381bd9a1f7e39c44f26e38617b04a54e234d1bb110597e7f4
The MacOS kernel suffered from a code execution vulnerability due to a lack of bounds checking in AppleIntelCapriController::GetLinkConfig.
df55f4437e9f2ac466e71c9a31ae5bfbb60d768194d73e4120e09ffaaf3e8d0a
A kernel memory disclosure issue existed in MacOS due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.
4d897f439109e297e8d2c67646a77050ed116b782998bca021b769aced79830d
Mac OS / iOS kernels suffers from a use-after-free due to a lack of locking in host_self_trap.
71fb8aae34cb7c0d37a7f49a309f5a2dae66cfa5cdb219509169904461df04bc
Mac OS and iOS kernels suffer from a memory corruption vulnerability due to a userspace pointer being used as a length.
0e21ab8bef04b55df21495e7a540f3e13300a9331dbcf4776f45dad00c8a3317
Mac OS / iOS kernels suffer from a use-after-free due to a failure to take reference in IOService::matchPassive.
57adee4dbe381b4218e166f2027051025367d86e1a973643acee3ccb7042ec38
Mac OS suffers from a kernel code execution vulnerability due to writable privileged IOKit registry properties.
a68b5ccbfb9fc13755fd889600a87bb8e5605b88270d85bc52f265ebd895419a
syslogd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.
99a94dcd03523d376a072610f043b1209de8f254832968af4d257e80e30721f3
powerd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.
3e5a21bc29ff1a558770231e308bd600e6410b4a304e2859b2163f3dd2cd5cdf
MacOS Sierra version 10.12 16A323 allows a double vm_deallocate in userspace MIG code that can lead to a use-after-free vulnerability in mach services.
58a7ed2e19c9a5fce731f15aa8b83ace30921a87bf6431e44964fdb9a6e2d1d9
A lack of error checking leads to a reference count leak and OS X / iOS kernel use-after-free vulnerability in _kernelrpc_mach_port_insert_right_trap.
cac9c1a81d04f178479bf07a83852204325d3d8036f55cdb5e9e23a10b46cb54
A broken kernel mach port name uref handling on iOS and Mac OS can lead to privileged port name replacement in other processes.
ec46204069f275edad54bb9993ef3883c9de93719d666d76af2753a535b88de9