Sourcetree suffers from multiple remote code execution vulnerabilities related to git submodules and argument injection. macOS versions 1.0b2 up to 2.7.6 and Windows versions 0.5.1.0 up to 2.6.10 are affected.
cde4d25e68a273c6d5c20d3578cda77f6c048e35cf3936b680f4f3eaecbffdd7
Apple MacOS suffers from a local elevation of privilege vulnerability due to a lack of bounds checking in HIServices custom CFObject serialization.
1aa8e11c6dd2564941d452637180beeaffbdf5025cab2320d31049cd5d306643
Apple iOS / MacOS suffers from a NSKeyedArchiver heap corruption vulnerability due to a rounding error in TIKeyboardLayout initWithCoder:.
b11e4fa749407eb6cbea1e698f70085373bb11356622dba14596a60b5ee4368b
Apple MacOS NSUnarchiver suffers from a heap corruption vulnerability due to lack of bounds checking in [NSBuiltinCharacterSet initWithCoder:].
e2849820975ba9e34e34473279ce9b4842b59d2332429f539fffbd8657173888
Apple iOS / MacOS suffers from a memory corruption vulnerability due to bad bounds checking in NSCharacterSet coding for NSKeyedUnarchiver.
3451fa7feeddaaaa2c8d46965e2248bbefe5070ec646c6930150120ccd46f1f0
Apple iOS / MacOS suffers from a kernel memory disclosure vulnerability due to lack of bounds checking in netagent socket option handling.
a80eee4e7eb6cc5d85cfca41d2804e1883748684e1c813413ad14e66a918e582
Apple iOS / MacOS suffer from a kernel use-after-free vulnerability due to bad locking in unix domain socket file descriptor externalization.
d49bb5779a4c17dfcf174a09087ff899cab557acadeac924745cade61a639d0a
This is an issue on MacOS that allows un-entitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug.
63b9107547c0985f1def098507f1151fbb6c1ccacb4c0d361b420aa17ff32d51
MacOS suffers from a kernel register leak via 32-bit syscall exit.
51f21ee396efaec54ab768abeb7493566d5a0076bced42dd49e3ff6f228e0a09
It turns out that even with SIP enabled a regular root user can write to the swapfile under /private/var/vm/swapfile0 on MacOS.
b4a5ae1e05cc0033bf98b39a84490ae7a0a1f8afb83c82d664cc8ddd98121f80
Apple Security Advisory 2017-05-15-1 - macOS 10.12.5 is now available and addresses certificate validation, privilege escalation, and various other vulnerabilities.
c8e7fabadfea08c552a96a322996223bd75739ad1b76b9e5498a79914d41c38a
The MacOS/iOS kernel suffers from double free due to bad locking in fsevents device.
262850b875faadf8b393c23f94ab67e4e7ce65d2c09fc67f94f884cdd86d1fd1
MacOS suffers from a kernel memory corruption due to an off-by-one in audit_pipe_open.
21a54047c8b3039a933e7ce82e134cfd26daad4f5ee3621c596b46d11e4ca14c
The MacOS/iOS kernel suffers from a heap overflow in bpf.
6b66f0500cb0eaf62440d1831b24b32d2950c87be93216f6251071c3b8466ec2
The MacOS/iOS kernel suffers from a use-after-free vulnerability due to bad locking in necp_open.
d334d5641f00902e731e8078d52aee2b598b18a6157983f48de2e66a278c8cd4
MacOS/iOS suffers from a kernel memory corruption vulnerability due to an off-by-one in SIOCGIFORDER socket ioctl.
68f266e2fa0b5b89488ef3ae5d3a38bab76ab546053d5c1eeff1bad27b96bc14
MacOS/iOS suffer from a kernel memory corruption vulnerability due to bad bounds checking in SIOCSIFORDER socket ioctl.
5fb22c95078ddfccbde954f3ef800cf05c01453d1aa2b8ac3b113ad2cadf9b38
The MacOS kernel suffers from a use-after-free vulnerability due to a double-release in posix_spawn.
0e2e4f53cc9917b381bd9a1f7e39c44f26e38617b04a54e234d1bb110597e7f4
The MacOS kernel suffered from a code execution vulnerability due to a lack of bounds checking in AppleIntelCapriController::GetLinkConfig.
df55f4437e9f2ac466e71c9a31ae5bfbb60d768194d73e4120e09ffaaf3e8d0a
A kernel memory disclosure issue existed in MacOS due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.
4d897f439109e297e8d2c67646a77050ed116b782998bca021b769aced79830d
MacOS/iOS suffer from an issue where mach_msg does not copy memory in a certain case.
311975d6c6410fc74e8c9b4e249484bd7519ec1515eba64cd53af81d9d333a20
Apple Security Advisory 2017-03-27-7 - macOS Server 5.3 is now available and addresses denial of service and user enumeration vulnerabilities.
658872beabc18d8ce86f77b4f603d0f654af625711493b7b0c96aeb309af853a
Apple Security Advisory 2017-03-27-3 - macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite are now available and address multiple vulnerabilities.
54a3d5f1eafce35231db5001f3683c3b0fd1ddc198a138e24dfe71082667f5b2
Cross site scripting on macOS HelpViewer leads to arbitrary file execution and arbitrary file read.
60ac6dfc903acc3a29b78f58ebfa4282a803cce1341a5844a4a5edfbfd88a659
Apple Security Advisory 2017-01-23-2 - macOS 10.12.3 is now available and addresses suffers from code execution and various other security vulnerabilities.
4c40e5dbd35093797941e97f507065322698c00b5f58f1d348c313103335398b
MacOS Sierra version 10.12 16A323 allows a double vm_deallocate in userspace MIG code that can lead to a use-after-free vulnerability in mach services.
58a7ed2e19c9a5fce731f15aa8b83ace30921a87bf6431e44964fdb9a6e2d1d9