exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

Sourcetree Remote Code Execution
Posted Jul 24, 2018
Authored by Etienne Stalmans, Terry Zhang | Site atlassian.com

Sourcetree suffers from multiple remote code execution vulnerabilities related to git submodules and argument injection. macOS versions 1.0b2 up to 2.7.6 and Windows versions 0.5.1.0 up to 2.6.10 are affected.

tags | advisory, remote, vulnerability, code execution
systems | windows
advisories | CVE-2018-11235, CVE-2018-13385, CVE-2018-13386
SHA-256 | cde4d25e68a273c6d5c20d3578cda77f6c048e35cf3936b680f4f3eaecbffdd7

Related Files

Apple MacOS HIServices Privilege Escalation
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple MacOS suffers from a local elevation of privilege vulnerability due to a lack of bounds checking in HIServices custom CFObject serialization.

tags | exploit, local
systems | apple
advisories | CVE-2017-6978
SHA-256 | 1aa8e11c6dd2564941d452637180beeaffbdf5025cab2320d31049cd5d306643
Apple iOS / MacOS NSKeyedArchiver Heap Corruption
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffers from a NSKeyedArchiver heap corruption vulnerability due to a rounding error in TIKeyboardLayout initWithCoder:.

tags | exploit
systems | unix, apple, ios
advisories | CVE-2017-2524
SHA-256 | b11e4fa749407eb6cbea1e698f70085373bb11356622dba14596a60b5ee4368b
Apple MacOS NSUnarchiver Heap Corruption
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple MacOS NSUnarchiver suffers from a heap corruption vulnerability due to lack of bounds checking in [NSBuiltinCharacterSet initWithCoder:].

tags | exploit
systems | apple
advisories | CVE-2017-2523
SHA-256 | e2849820975ba9e34e34473279ce9b4842b59d2332429f539fffbd8657173888
Apple iOS / MacOS NSCharacterSet Memory Corruption
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffers from a memory corruption vulnerability due to bad bounds checking in NSCharacterSet coding for NSKeyedUnarchiver.

tags | exploit
systems | unix, apple, ios
advisories | CVE-2017-2522
SHA-256 | 3451fa7feeddaaaa2c8d46965e2248bbefe5070ec646c6930150120ccd46f1f0
Apple iOS / MacOS Netagent Kernel Memory Disclosure
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffers from a kernel memory disclosure vulnerability due to lack of bounds checking in netagent socket option handling.

tags | exploit, kernel
systems | unix, apple, ios
advisories | CVE-2017-2507
SHA-256 | a80eee4e7eb6cc5d85cfca41d2804e1883748684e1c813413ad14e66a918e582
Apple iOS / MacOS Domain Socket Kernel Use-After-Free
Posted May 24, 2017
Authored by Google Security Research, Ian Beer

Apple iOS / MacOS suffer from a kernel use-after-free vulnerability due to bad locking in unix domain socket file descriptor externalization.

tags | exploit, kernel
systems | unix, apple, ios
advisories | CVE-2017-2501
SHA-256 | d49bb5779a4c17dfcf174a09087ff899cab557acadeac924745cade61a639d0a
MacOS Raw Frame Pointers In Stackshot
Posted May 23, 2017
Authored by Jann Horn, Google Security Research

This is an issue on MacOS that allows un-entitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug.

tags | exploit, kernel, root
advisories | CVE-2017-2516
SHA-256 | 63b9107547c0985f1def098507f1151fbb6c1ccacb4c0d361b420aa17ff32d51
MacOS 32-Bit Syscall Exit Kernel Register Leak
Posted May 23, 2017
Authored by Jann Horn, Google Security Research

MacOS suffers from a kernel register leak via 32-bit syscall exit.

tags | exploit, kernel
advisories | CVE-2017-2509
SHA-256 | 51f21ee396efaec54ab768abeb7493566d5a0076bced42dd49e3ff6f228e0a09
MacOS Insecure Swap File
Posted May 18, 2017
Authored by Google Security Research, Ian Beer

It turns out that even with SIP enabled a regular root user can write to the swapfile under /private/var/vm/swapfile0 on MacOS.

tags | advisory, root
advisories | CVE-2017-2494
SHA-256 | b4a5ae1e05cc0033bf98b39a84490ae7a0a1f8afb83c82d664cc8ddd98121f80
Apple Security Advisory 2017-05-15-1
Posted May 15, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-05-15-1 - macOS 10.12.5 is now available and addresses certificate validation, privilege escalation, and various other vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2017-2494, CVE-2017-2497, CVE-2017-2501, CVE-2017-2502, CVE-2017-2503, CVE-2017-2507, CVE-2017-2509, CVE-2017-2512, CVE-2017-2513, CVE-2017-2516, CVE-2017-2518, CVE-2017-2519, CVE-2017-2520, CVE-2017-2524, CVE-2017-2527, CVE-2017-2533, CVE-2017-2534, CVE-2017-2535, CVE-2017-2537, CVE-2017-2540, CVE-2017-2541, CVE-2017-2542, CVE-2017-2543, CVE-2017-2545, CVE-2017-2546, CVE-2017-2548, CVE-2017-6977, CVE-2017-6978
SHA-256 | c8e7fabadfea08c552a96a322996223bd75739ad1b76b9e5498a79914d41c38a
MacOS/iOS fsevents Device Double-Free
Posted Apr 10, 2017
Authored by Google Security Research, Ian Beer

The MacOS/iOS kernel suffers from double free due to bad locking in fsevents device.

tags | exploit, kernel
systems | ios
advisories | CVE-2017-2490
SHA-256 | 262850b875faadf8b393c23f94ab67e4e7ce65d2c09fc67f94f884cdd86d1fd1
MacOS audit_pipe_open Off-By-One Memory Corruption
Posted Apr 10, 2017
Authored by Google Security Research, Ian Beer

MacOS suffers from a kernel memory corruption due to an off-by-one in audit_pipe_open.

tags | exploit, kernel
advisories | CVE-2017-2483
SHA-256 | 21a54047c8b3039a933e7ce82e134cfd26daad4f5ee3621c596b46d11e4ca14c
MacOS/iOS bpf Kernel Heap Overflow
Posted Apr 10, 2017
Authored by Google Security Research, Ian Beer

The MacOS/iOS kernel suffers from a heap overflow in bpf.

tags | exploit, kernel
systems | ios
advisories | CVE-2017-2482
SHA-256 | 6b66f0500cb0eaf62440d1831b24b32d2950c87be93216f6251071c3b8466ec2
MacOS/iOS necp_open Use-After-Free
Posted Apr 10, 2017
Authored by Google Security Research, Ian Beer

The MacOS/iOS kernel suffers from a use-after-free vulnerability due to bad locking in necp_open.

tags | exploit, kernel
systems | ios
advisories | CVE-2017-2478
SHA-256 | d334d5641f00902e731e8078d52aee2b598b18a6157983f48de2e66a278c8cd4
MacOS/iOS Off-By-One Kernel Memory Corruption
Posted Apr 9, 2017
Authored by Google Security Research, Ian Beer

MacOS/iOS suffers from a kernel memory corruption vulnerability due to an off-by-one in SIOCGIFORDER socket ioctl.

tags | exploit, kernel
systems | ios
advisories | CVE-2017-2474
SHA-256 | 68f266e2fa0b5b89488ef3ae5d3a38bab76ab546053d5c1eeff1bad27b96bc14
MacOS/iOS Bounds Checking Kernel Memory Corruption
Posted Apr 9, 2017
Authored by Google Security Research, Ian Beer

MacOS/iOS suffer from a kernel memory corruption vulnerability due to bad bounds checking in SIOCSIFORDER socket ioctl.

tags | exploit, kernel
systems | ios
advisories | CVE-2017-2473
SHA-256 | 5fb22c95078ddfccbde954f3ef800cf05c01453d1aa2b8ac3b113ad2cadf9b38
MacOS posix_spawn Use-After-Free
Posted Apr 9, 2017
Authored by Google Security Research, Ian Beer

The MacOS kernel suffers from a use-after-free vulnerability due to a double-release in posix_spawn.

tags | exploit, kernel
advisories | CVE-2017-2472
SHA-256 | 0e2e4f53cc9917b381bd9a1f7e39c44f26e38617b04a54e234d1bb110597e7f4
MacOS AppleIntelCapriController::GetLinkConfig Code Execution
Posted Apr 9, 2017
Authored by Google Security Research, Ian Beer

The MacOS kernel suffered from a code execution vulnerability due to a lack of bounds checking in AppleIntelCapriController::GetLinkConfig.

tags | exploit, kernel, code execution
advisories | CVE-2017-2443
SHA-256 | df55f4437e9f2ac466e71c9a31ae5bfbb60d768194d73e4120e09ffaaf3e8d0a
MacOS AppleIntelCapriController::getDisplayPipeCapability Memory Disclosure
Posted Apr 9, 2017
Authored by Google Security Research, Ian Beer

A kernel memory disclosure issue existed in MacOS due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.

tags | exploit, kernel
advisories | CVE-2017-2489
SHA-256 | 4d897f439109e297e8d2c67646a77050ed116b782998bca021b769aced79830d
MacOS/iOS mach_msg Memory Copy Failure
Posted Mar 29, 2017
Authored by Google Security Research, lokihardt

MacOS/iOS suffer from an issue where mach_msg does not copy memory in a certain case.

tags | exploit, kernel
systems | ios
advisories | CVE-2017-2456
SHA-256 | 311975d6c6410fc74e8c9b4e249484bd7519ec1515eba64cd53af81d9d333a20
Apple Security Advisory 2017-03-27-7
Posted Mar 27, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-03-27-7 - macOS Server 5.3 is now available and addresses denial of service and user enumeration vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | apple
advisories | CVE-2007-6750, CVE-2016-0751, CVE-2017-2382
SHA-256 | 658872beabc18d8ce86f77b4f603d0f654af625711493b7b0c96aeb309af853a
Apple Security Advisory 2017-03-27-3
Posted Mar 27, 2017
Authored by Apple

Apple Security Advisory 2017-03-27-3 - macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite are now available and address multiple vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2016-0736, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-2161, CVE-2016-3619, CVE-2016-5387, CVE-2016-5636, CVE-2016-7056, CVE-2016-7585, CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934
SHA-256 | 54a3d5f1eafce35231db5001f3683c3b0fd1ddc198a138e24dfe71082667f5b2
macOS HelpViewer XSS / Arbitrary File Execution / Read
Posted Feb 24, 2017
Authored by Google Security Research, lokihardt

Cross site scripting on macOS HelpViewer leads to arbitrary file execution and arbitrary file read.

tags | exploit, arbitrary, xss
advisories | CVE-2017-2361
SHA-256 | 60ac6dfc903acc3a29b78f58ebfa4282a803cce1341a5844a4a5edfbfd88a659
Apple Security Advisory 2017-01-23-2
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-2 - macOS 10.12.3 is now available and addresses suffers from code execution and various other security vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2016-1248, CVE-2016-8670, CVE-2016-8687, CVE-2016-9933, CVE-2016-9934, CVE-2017-2353, CVE-2017-2357, CVE-2017-2358, CVE-2017-2360, CVE-2017-2361, CVE-2017-2370, CVE-2017-2371
SHA-256 | 4c40e5dbd35093797941e97f507065322698c00b5f58f1d348c313103335398b
MacOS Sierra 10.12 16A323 Double vm_deallocate Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

MacOS Sierra version 10.12 16A323 allows a double vm_deallocate in userspace MIG code that can lead to a use-after-free vulnerability in mach services.

tags | exploit
advisories | CVE-2016-7633
SHA-256 | 58a7ed2e19c9a5fce731f15aa8b83ace30921a87bf6431e44964fdb9a6e2d1d9
Page 2 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close