Cisco WebEx Meetings Server suffers from an XML external entity injection vulnerability.
39042e3cffbe45edd8d3a912b89bcc36d39e3f36f804bfcc34793db23f991d10
iOS suffers from a kernel stack memory disclosure due to failure to check copyin return value.
60108b89486cb359363b2d03bb42b7169fee6f244ce5cebe800da43c4e47b46b
Full write up on the unauthenticated remote code execution and privilege escalation vulnerability in Cisco Prime Infrastructure.
058c3b31f20e8b93b4afb321381169fdced8081ba43437d03d084b037fa8cc10
Apple Security Advisory 2018-10-08-1 - iOS 12.0.1 is now available and addresses lock screen issues.
55511890e9f38ae0a9bad6f57089a3ede653de0774df3cbf1802daee5427cbce
Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing.
d4ddf2dda84d92bb39709e2fad5c269d7848c88a7bfbb904dd9732556b6c1a55
Apple Security Advisory 2018-9-24-4 - APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
fe6d1b8b3958f08fadaf9feda8a759143d5d125386459a13ec51171d4098256c
Apple Security Advisory 2018-9-17-1 - iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
1b6195c1b83a02fbe3028b9f59a131a8da4f145af8b7404d84dce1ccca5cfae6
Cisco Umbrella Roaming Client version 2.0.168 suffers from a privilege escalation vulnerability.
854cf7db0661e303d1f8f5b7c306d195ce2e38588bfe4d01a79185f9c9bd01a8
Cisco AnyConnect Secure Mobility Client version 4.6.01099 suffers from a denial of service vulnerability.
c6e0c15d91b91207790a50bd4ffc241b9d7758952646e0f4bb8076175cafe939
Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.
06bfdd27cdd81a700680df765616c42350869863b9bd88df5cddfb49c7dd691a
Linkedin mobile iOS application version 9.11.8592.4 suffers from a CPU resource exhaustion vulnerability.
37fbd701edef30bae893062e35a07dcacdae7ad07a66bc9892f2375bd40db3a7
This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.
61864a496baff217e28e408c09a6a01a920370b195aa9452c866952af9c43a6c
Apple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.
857fee29a90629f33ba85af6600e36de596f303b9de4fc96e0cc80eb90fae597
macOS and iOS suffer from a javascript injection bug in OfficeImporter.
e8a235449f752566cb48a2a1f6f65e02d52cbd77feb6354393a30e556c4552e2
Apple Security Advisory 2018-7-9-1 - iOS 11.4.1 is now available and addresses code execution and denial of service vulnerabilities.
330261e5d69c36b100acca558de9c3f8ed059502a72a2ea02c2fbc09dc42e68b
Cisco Adaptive Security Appliance suffers from a path traversal vulnerability.
d1b313011029126cb865a0362620a79446da5eb04f5aec729d6ccf3667869fe9
The macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.
f1c3b9023d02313f1fc1abb64c64d84e4ea581179d6b4d5a3425103544649ed7
Apple Security Advisory 2018-06-01-4 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.
235011f8d40f10f6eefc42756667cf9730b9b7549ad68a89cec4884cef6a0e64
Cisco SA520W Security Appliance suffers from a path traversal vulnerability.
afb1a6c7670d56bdc88e35d408381f90b8a962147c6db0ddc5bfc2888ed9088e
macOS/iOS ReportCrash suffers from a mach port replacement due to failure to respect MIG ownership rules.
2cd4e635bdd91862b3c2bfd770e7f8bd4e4eca619058739936bbf85ce351d526
Apple Security Advisory 2018-04-24-1 - iOS 11.3.1 is now available and addresses code execution vulnerabilities.
3b6b031d4de4f82dc2d6116a7e6b0e34c773b3dbdc85944cef0fa376bfd2b1b6
Apple Security Advisory 2018-3-29-1 - iOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
831a5876153ae9b119aa0f3493b15456a2d1c9e01251c16931b0e56c70e84364
Cisco node-jos versions prior to 0.11.0 re-sign tokens proof of concept exploit.
f7e488909b769cf6fe758f382777f08b2e3b059dea0c5b6c8ed8e7fb3e555bec
Compass Security discovered a design weakness in Microsoft Intune's app protection. This weakness allows a malicious user that gets hold of an employee's iOS device to access company data even without knowing the app PIN.
9eb901ef1974be004d63aa35bd969efac3bd77a0a761e1cbabb90340bf37e26c
Cisco ASA crash proof of concept exploit.
22410b089089e7b8ffef27f7fb0a008e7affff448aee37013b0a41335bb533a6