| Reverse Engineering the Apple Multipeer Connectivity Framework |
|
|
|
| SHA-3 Buffer Overflow |
|
|
|
| Apple CoreText - An Unexpected Journey to Learn about Failure |
|
|
|
| Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned) |
|
|
|
| 7,500$ – IDOR on Apple [consultants.apple.com] |
|
|
|
| Turning Your Computer Into a GPS Tracker With Apple Maps |
|
|
|
| How an Akamai misconfiguration earned us USD 46.000 |
|
|
|
| Step-by-Step Walkthrough of CVE-2022-32792 - WebKit B3ReduceStrength Out-of-Bounds Write |
|
|
|
| VPNs on iOS are a scam |
|
|
|
| You Have One New Appwntment: Exploiting iCalendar Properties in Enterprise Applications |
|
|
|
| Story of 5000$ bounty for Grafana Panel Access in Apple |
|
|
|
| Process injection: breaking all macOS security layers with a single vulnerability |
|
|
|
| SSD Advisory – Apple Safari ICU Out-Of-Bounds Write |
|
|
|
| SSD Advisory – Apple Safari IDN URL Spoofing |
|
|
|
| CVE-2022-26712: The POC for SIP-Bypass Is Even Tweetable |
|
|
|
| Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 |
|
|
|
| PII Disclosure of Apple Users ($10k) |
|
|
|
| Get root on macOS 12.3.1: proof-of-concepts for Linus Henze's CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763) |
|
|
|
| My First Apple Bug And My First Writeup |
|
|
|
| How I got Apple Hall Of Fame ! |
|
|
|
| Bypass Apple Corp SSO on Apple Admin Panel |
|
|
|
| CloudKit Share Records leak the title of private iCloud files |
|
|
|
| HTTP Request Smuggling on business.apple.com and Others. |
|
|
|
| MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639 |
|
|
|
| Targeting Visual Studio Code for macOS: File Discovery and a TCC bypass (kinda) |
|
|
|
writeups.xyz
/
Apple