| Vulnerabilities In CocoaPods Open The Door To Supply Chain Attacks Against Thousands Of iOS And MacOS Applications |
|
|
|
| How Twitch Helper Can Be Used for Privilege Escalation |
|
|
|
| CVE-2023-22524: RCE Vulnerability in Atlassian Companion for macOS |
|
|
|
| Turning a boring file move into a privilege escalation on Mac |
|
|
|
| macOS Atlassian Companion Remote Code Execution |
|
|
|
| CVE-2023-33298 - Perimeter81 Local Privilege Escalation |
|
|
|
| Finding and reporting a Gatekeeper bypass exploit with help from Mac Monitor |
|
|
|
| Bash Privileged-mode Vulnerabilities In Parallels Desktop And CDPATH Handling In MacOS |
|
|
|
| Feeding Tasty Objects to Visual Studio's App Center SDK for Apple |
|
|
|
| CVE-2022-22655 - TCC - Location Services Bypass |
|
|
|
| Bad things come in large packages: .pkg signature verification bypass on macOS |
|
|
|
| DER Entitlements: The (Brief) Return of the Psychic Paper |
|
|
|
| A Technical Analysis of CVE-2022-22583 and CVE-2022-32800 |
|
|
|
| Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities |
|
|
|
| Public Report – VPN by Google One Security Assessment |
|
|
|
| macOS Sandbox Escape vulnerability via Terminal |
|
|
|
| CVE-2022-32929 - Bypass iOS backup's TCC protection |
|
|
|
| CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS |
|
|
|
| CVE-2022-26730 | ColorSync | Hoyt LLC |
|
|
|
| A tale of a simple Apple kernel bug |
|
|
|
| SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri |
|
|
|
| CVE-2022-26712: The POC for SIP-Bypass Is Even Tweetable |
|
|
|
| Get root on macOS 12.3.1: proof-of-concepts for Linus Henze's CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763) |
|
|
|
| Targeting Visual Studio Code for macOS: File Discovery and a TCC bypass (kinda) |
|
|
|
| CVE-2022-22616: Simple way to bypass GateKeeper, hidden for years |
|
|
|
writeups.xyz
/
MacOS