exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Sourcetree Remote Code Execution
Posted Jul 24, 2018
Authored by Etienne Stalmans, Terry Zhang | Site atlassian.com

Sourcetree suffers from multiple remote code execution vulnerabilities related to git submodules and argument injection. macOS versions 1.0b2 up to 2.7.6 and Windows versions 0.5.1.0 up to 2.6.10 are affected.

tags | advisory, remote, vulnerability, code execution
systems | windows
advisories | CVE-2018-11235, CVE-2018-13385, CVE-2018-13386
SHA-256 | cde4d25e68a273c6d5c20d3578cda77f6c048e35cf3936b680f4f3eaecbffdd7

Related Files

macOS 10.13 Kernel Memory Disclosure
Posted Jan 18, 2018
Authored by Google Security Research, Ian Beer

macOS version 10.13 suffers from a kernel memory disclosure due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.

tags | exploit, kernel
advisories | CVE-2017-13878
SHA-256 | fb130620dcdb600a2ebb81e91fb99499f91f82761f79a1fbcc6eee1ab19cfe5d
macOS process_policy Stack Leak
Posted Jan 12, 2018
Authored by Jann Horn, Google Security Research

macOS suffers from a process_policy stack leak through an uninitialized field.

tags | exploit
advisories | CVE-2017-7154
SHA-256 | 0b61e14b1505449eec0ba268f437fa25ec911aea03a436a711c618048ab77483
Apple Security Advisory 2018-1-8-2
Posted Jan 9, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-1-8-2 - macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre.

tags | advisory
systems | apple
advisories | CVE-2017-5715, CVE-2017-5753
SHA-256 | d853f93e1e71c9aa8d886a2aeccf078dfaa905ed2a74523bb075a36373aaeaf3
Apple macOS IOHIDSystem Kernel Read/Write
Posted Jan 2, 2018
Authored by Siguza

This is a macOS kernel exploit based on an IOHIDFamily vulnerability.

tags | exploit, kernel
SHA-256 | 6ea69ef80ff70cebf65157f4be408a355f3ccb59f4cdf7875c0601be00b560f1
macOS / iOS Kernel IOSurfaceRootUserClient Double-Free
Posted Dec 12, 2017
Authored by Google Security Research, Ian Beer

macOS and iOS suffer from a kernel double free vulnerability due to IOSurfaceRootUserClient not respecting MIG ownership rules.

tags | exploit, kernel
systems | cisco, ios
advisories | CVE-2017-13861
SHA-256 | 4314c9b3d4d919fbf8280f16f7d8de49f26550f782ad1c352b5a319dee587e69
macOS getrusage Stack Leak
Posted Dec 12, 2017
Authored by Jann Horn, Google Security Research

macOS suffers from a getrusage stack leak through struct padding.

tags | exploit
advisories | CVE-2017-13869
SHA-256 | f3c771e820e8f87d811a6417706be697870406b209dca5dce3bea7c2d48f9b1f
macOS necp_get_socket_attributes so_pcb Type Confusion
Posted Dec 12, 2017
Authored by Jann Horn, Google Security Research

macOS suffers from an so_pcb type confusion vulnerability in necp_get_socket_attributes.

tags | exploit
advisories | CVE-2017-13855
SHA-256 | f2be6f0616271669be7061d78a7fed3616c67d1ae20bdb5246c68bbfa933e85d
macOS / iOS IOTimeSyncClockManagerUserClient Use-After-Free
Posted Dec 12, 2017
Authored by Google Security Research, Ian Beer

macOS / iOS suffer from multiple kernel use-after-free vulnerabilities due to incorrect IOKit object lifetime management in IOTimeSyncClockManagerUserClient.

tags | exploit, kernel, vulnerability
systems | cisco, ios
advisories | CVE-2017-13847
SHA-256 | 752bf8adfa42c1db21266f6817c3ff5c3ef4a4a157ab2fbb3882400fdc6fb035
macOS AppleIntelCapriController::GetLinkConfig Kernel Code Execution
Posted Dec 12, 2017
Authored by Google Security Research, Ian Beer

The macOS kernel suffers from a code execution vulnerability due to a lack of bounds checking in AppleIntelCapriController::GetLinkConfig.

tags | exploit, kernel, code execution
advisories | CVE-2017-13875
SHA-256 | e6906ea2b28432c3baf84f42363204bf8884dc823824bf02ba0d05aa103772e9
macOS / iOS Kernel Double Free
Posted Dec 12, 2017
Authored by Google Security Research, Ian Beer

macOS and iOS suffer from a kernel double free due to incorrect API usage in flow divert socket option handling.

tags | exploit, kernel
systems | cisco, ios
advisories | CVE-2017-13867
SHA-256 | 0b5dfcc9863d0ed99660566f6392ccc4d9189ce7b6334fa7a00773db58a29596
Apple Security Advisory 2017-12-6-1
Posted Dec 8, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-12-6-1 - macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan are now available and address issues in apache, curl, and more.

tags | advisory
systems | apple
advisories | CVE-2017-1000254, CVE-2017-13826, CVE-2017-13833, CVE-2017-13844, CVE-2017-13847, CVE-2017-13848, CVE-2017-13855, CVE-2017-13858, CVE-2017-13860, CVE-2017-13862, CVE-2017-13865, CVE-2017-13867, CVE-2017-13868, CVE-2017-13869, CVE-2017-13871, CVE-2017-13872, CVE-2017-13875, CVE-2017-13876, CVE-2017-13878, CVE-2017-13883, CVE-2017-3735, CVE-2017-9798
SHA-256 | 3918e25736c0918763ac137433051db5b4a68c6701db5e97911b5001522fb8e4
Apple macOS 10.13.1 High Sierra Cron Privilege Escalation
Posted Dec 7, 2017
Authored by Mark Wadham

Apple macOS version 10.13.1 (High Sierra) suffers from a cron related local privilege escalation vulnerability that allows you to gain root privileges.

tags | exploit, local, root
systems | apple
SHA-256 | fbe2d99d3b7ef8fd7877306d5456d2c15f9aac738eb9b0ae46533c5eed03251a
Mac OS X Root Privilege Escalation
Posted Nov 29, 2017
Site metasploit.com

This Metasploit module exploits a serious flaw in Mac OS X High Sierra. Any user can login with user "root", leaving an empty password.

tags | exploit, root
SHA-256 | dd129338b035d1f1252020b0fcad4403a67d63fb88369b316e4ae2fb47bd5adc
Apple Security Advisory 2017-10-31-8
Posted Nov 2, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-10-31-8 - Additional information for the APPLE-SA-2017-09-25-1 macOS High Sierra 10.13 advisory has been provided that relates to Apache and various other software.

tags | advisory
systems | apple
advisories | CVE-2016-2161, CVE-2016-4736, CVE-2016-5387, CVE-2016-8740, CVE-2016-8743, CVE-2016-9042, CVE-2016-9063, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-0381, CVE-2017-1000373, CVE-2017-10989, CVE-2017-13782, CVE-2017-13807, CVE-2017-13808, CVE-2017-13809, CVE-2017-13810, CVE-2017-13811, CVE-2017-13812, CVE-2017-13813, CVE-2017-13814, CVE-2017-13815, CVE-2017-13816, CVE-2017-13817
SHA-256 | dd6b5b4eac263ebc5404ceffc22559c55c0e9ecea353a5fb6bd44a6814913f91
Apple Security Advisory 2017-10-31-12
Posted Nov 1, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-10-31-12 - Additional information for the APPLE-SA-2017-09-25-9 macOS Server 5.4 advisory has been provided that relates to FreeRADIUS and Postfix.

tags | advisory
systems | apple
advisories | CVE-2017-10978, CVE-2017-10979, CVE-2017-13826
SHA-256 | ab7f1016be63a4d64acf9e8afda8cb266e256bd54b6c0f883eb1a5a8a72517ed
Apple Security Advisory 2017-10-31-2
Posted Nov 1, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-10-31-2 - macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan are now available and address TLS weaknesses, issues in Apache, and many more vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2016-2161, CVE-2016-4736, CVE-2016-5387, CVE-2016-8740, CVE-2016-8743, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-11103, CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-1298
SHA-256 | ac256e54648493ce415cbcd2306f79310dc0a2baeca5b8e57161504c227231ff
Apple Security Advisory 2017-10-05-1
Posted Oct 5, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-10-05-1 - macOS High Sierra 10.13 Supplemental Update is now available and addresses a password hint issue and keychain extraction vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2017-7149, CVE-2017-7150
SHA-256 | ba18157b0ddad8def7a6b9f8b593aefe7b6bf640e60a4ebe23e2efed83ae9885
Apple Security Advisory 2017-09-25-9
Posted Sep 28, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-25-9 - macOS Server 5.4 is now available and addresses multiple vulnerabilities in FreeRADIUS.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2017-10978, CVE-2017-10979
SHA-256 | 55e8bc0b8dac96f5d4ea0c8772595685f930c0aabdaf38ed83e4aefe2c18f431
Apple Security Advisory 2017-09-25-1
Posted Sep 28, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-25-1 - macOS High Sierra 10.13 is now available and addresses denial of service, insecure transit, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | apple
advisories | CVE-2016-9042, CVE-2016-9063, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-0381, CVE-2017-1000373, CVE-2017-10989, CVE-2017-11103, CVE-2017-6451, CVE-2017-6452, CVE-2017-6455, CVE-2017-6458, CVE-2017-6459, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464, CVE-2017-7074, CVE-2017-7077, CVE-2017-7078, CVE-2017-7080, CVE-2017-7082, CVE-2017-7083, CVE-2017-7084, CVE-2017-7086, CVE-2017-7114
SHA-256 | 56a33c5e5ed39ad993bf22ead073e39949c0c55274f11b40248081e1873fc193
SourceTree Remote Code Execution
Posted Sep 7, 2017
Authored by David Black | Site atlassian.com

SourceTree suffers from multiple remote code execution vulnerabilities that can be triggered via hostile repositories being checked in. SourceTree for macOS versions prior to 2.6.1 and SourceTree for Windows versions prior to 2.1.10 are affected.

tags | advisory, remote, vulnerability, code execution
systems | windows
advisories | CVE-2017-1000115, CVE-2017-1000116, CVE-2017-1000117, CVE-2017-9800
SHA-256 | 1e50b9884995c5b9c544b4aa24ba0de7ea8f777b919770ce1a23e318b7d2c761
macOS / iOS xpc_data Objects Sandbox Escapes
Posted Aug 2, 2017
Authored by Google Security Research, Ian Beer

macOS and iOS sandbox escapes and privilege escalation vulnerabilities exist due to unexpected shared memory-backed xpc_data objects.

tags | exploit, vulnerability
systems | cisco, ios
advisories | CVE-2017-7047
SHA-256 | 405eaaf340b03d53f3015ef4449fe9eaf691f0e32d6d231209f1632dfa391afd
Apple Security Advisory 2017-07-19-2
Posted Jul 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-07-19-2 - macOS 10.12.6 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2016-9586, CVE-2016-9594, CVE-2017-2629, CVE-2017-7008, CVE-2017-7009, CVE-2017-7010, CVE-2017-7013, CVE-2017-7014, CVE-2017-7015, CVE-2017-7016, CVE-2017-7017, CVE-2017-7021, CVE-2017-7022, CVE-2017-7023, CVE-2017-7024, CVE-2017-7025, CVE-2017-7026, CVE-2017-7027, CVE-2017-7028, CVE-2017-7029, CVE-2017-7031, CVE-2017-7032, CVE-2017-7033, CVE-2017-7035, CVE-2017-7036, CVE-2017-7044, CVE-2017-7045, CVE-2017-7047
SHA-256 | bcc56d96708e760ecf0c7d3255dbf1e45f11507054dc7e9d429392beb7658554
VMware Horizon's macOS Client Code Injection
Posted Jul 12, 2017
Authored by Florian Bogner

VMware Horizon's macOS client versions prior to 4.5 suffer from a code injection vulnerability.

tags | advisory
advisories | CVE-2017-4918
SHA-256 | f66d718ae51d75bdcc8a8fa9026bde7c7516f85ea2777a8579d4c319165f6016
MacOS/iOS Userspace Entitlement Checking Race Condition
Posted Jun 12, 2017
Authored by Google Security Research, Ian Beer

MacOS and iOS suffer from a userspace entitlement race condition.

tags | exploit
systems | ios
advisories | CVE-2017-7004
SHA-256 | 4ebafbb5739c54a9e9cc89090e800144ff08cbe890ca0a497d69232449556a6c
Apple MacOS Disk Arbitration Daemon Race Condition
Posted Jun 9, 2017
Authored by phoenhex

Apple MacOS disk arbitration daemon race condition exploit.

tags | exploit
systems | apple
advisories | CVE-2017-2533
SHA-256 | 5e822f89be908a76378c56e9215de59cc184f0164ff3f531107ef63a5defc99b
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    47 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close