gergelykalman

5 exploits Active since Jun 2023
CVE-2023-32364 NOMISEC HIGH WORKING POC
macOS Ventura <13.5 - Privilege Escalation
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions.
22 stars
CVSS 8.6
CVE-2023-32428 NOMISEC HIGH WORKING POC
iPadOS < 16.5 - Privilege Escalation to Root via Improved File Handling
This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges.
19 stars
CVSS 7.8
CVE-2023-38571 NOMISEC HIGH WORKING POC
macOS < 11.7.9 - Privacy Preferences Bypass via Symlink Validation
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences.
13 stars
CVSS 7.5
CVE-2023-32407 NOMISEC MEDIUM WORKING POC
iPadOS < 15.7.6 - Privacy Preferences Bypass via Logic Issue
A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences.
11 stars
CVSS 5.5
CVE-2023-32422 NOMISEC MEDIUM WORKING POC
iPadOS < 16.5 - Privacy Preference Bypass via SQLite Logging
This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences.
6 stars
CVSS 5.5