Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-8 visionOS 2.1
visionOS 2.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121566 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
App Support
Available for: Apple Vision Pro
Impact: A malicious app may be able to run arbitrary shortcuts without
user consent…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-7 tvOS 18.1
tvOS 18.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121569 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
App Support
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to run arbitrary shortcuts without…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-6 watchOS 11.1
watchOS 11.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121565 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: Apple Watch Series 6 and later
Impact: An attacker with physical access to a locked device may be able
to…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
macOS Ventura 13.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121568 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
App Support
Available for: macOS Ventura
Impact: A malicious app may be able to run arbitrary shortcuts without
user…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
macOS Sonoma 14.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121570 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
App Support
Available for: macOS Sonoma
Impact: A malicious app may be able to run arbitrary shortcuts without
user…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-3 macOS Sequoia 15.1
macOS Sequoia 15.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121564 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Apache
Impact: Multiple issues existed in Apache
Description: This is a vulnerability in open source code and Apple…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1
iOS 17.7.1 and iPadOS 17.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121567 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
2nd generation…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1
iOS 18.1 and iPadOS 18.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121563 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: iPhone XS and later
Impact: An attacker with physical access to a locked device…
Posted by Andrey Stoykov on Oct 28
# Exploit Title: Open Redirect / Reflected XSS – booked-schedulerv2.8.5
# Date: 10/2024
# Exploit Author: Andrey Stoykov
# Version: 2.8.5
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-13-reflected.html
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-12-open.html
Open Redirect:
Steps to Reproduce:
1. Login and intercept HTTP request with a proxy such as Burpsuite or ZAP
2….
Posts navigation
News, Advisories and much more