Nikias Bassen

5 exploits Active since Jan 2017
CVE-2020-9992 NOMISEC HIGH WORKING POC
Xcode < 12.0 - Remote Code Execution via Unencrypted Debug Session
This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network.
73 stars
CVSS 7.8
CVE-2017-5545 WRITEUP CRITICAL WRITEUP
libplist < 1.12 - Out-of-bounds Read via Apple Property List Data
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
CVSS 9.1
CVE-2017-6435 WRITEUP MEDIUM WRITEUP
libplist - Memory Corruption via Crafted plist File
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
CVSS 5.0
CVE-2017-6436 WRITEUP MEDIUM WRITEUP
libplist 1.12 - Denial of Service via Crafted plist File
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
CVSS 5.0
CVE-2017-6439 WRITEUP MEDIUM WRITEUP
libplist 1.12 - Heap-Based Buffer Overflow in bplist.c parse_string_node
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
CVSS 5.0