>> TAG: #osx

Apple Security Advisory 2015-09-16-2 – Xcode 7.0 is now available and addresses traffic inspection, access bypass, and various other vulnerabilities.

Apple Security Advisory 2015-09-16-3 – iTunes 12.3 is now available and addresses code execution, application termination, memory corruption, and various other vulnerabilities.

Apple Security Advisory 2015-09-16-4 – OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a…

Disconnect.me versions 2.0 and below suffer from a local privilege escalation vulnerability on Mac OS X.

34 bytes small NULL byte free OS X x64 /bin/sh shellcode.

The Vulnerability Laboratory Core Research Team discovered a restriction filter bypass in the official PayPal Inc Mobile API for Apple iOS.

This Metasploit module exploits the rootpipe vulnerability and bypasses Apple’s initial fix for the issue by injecting code into a process with the ‘admin.writeconfig’ entitlement.

Apple Security Advisory 2015-08-20-1 – QuickTime 7.7.8 is now available and addresses arbitrary code execution and memory corruption issues.

Apple Security Advisory 2015-08-13-1 – Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses interface spoofing, arbitrary code execution, and various other vulnerabilities.