| 1728 | Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582) |
Arbitrary file write |
Apple |
Richard Warren (@buffaloverflow) |
Bug Bounty | 2022-03-15 | 2023-06-13 |
| 1709 | Targeting Visual Studio Code for macOS: File Discovery and a TCC bypass (kinda) |
Local Privilege Escalation
TCC bypass
MacoS |
Apple
Microsoft |
Alfie Champion (@ajpc500) |
Bug Bounty | 2022-03-21 | 2023-06-13 |
| 1664 | MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639 |
Local Privilege Escalation |
Apple |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-04-04 | 2023-06-13 |
| 1406 | Get root on macOS 12.3.1: proof-of-concepts for Linus Henze%27s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763) |
Signature validation bypass
Memory corruption
Local Privilege Escalation
MacOS |
Apple |
Zhuowei Zhang (@zhuowei) |
Bug Bounty | 2022-07-02 | 2023-06-13 |
| 1371 | Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 |
Local Privilege Escalation |
Apple |
Microsoft 365 Defender Research Team |
Bug Bounty | 2022-07-13 | 2023-06-13 |
| 1313 | CVE-2022-26712: The POC for SIP-Bypass Is Even Tweetable |
MacOS
SIP bypass |
Apple |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-07-26 | 2023-06-13 |
| 1241 | Process injection: breaking all macOS security layers with a single vulnerability |
Local Privilege Escalation
Process injection vulnerability |
Apple |
Thijs Alkemade (@xnyhps) |
Bug Bounty | 2022-08-12 | 2023-06-13 |
| 901 | SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri |
iOS
MacOS
Bluetooth
Local Privilege Escalation
TCC bypass |
Apple |
Guilherme Rambo (@_inside) |
Bug Bounty | 2022-10-26 | 2023-06-13 |
| 883 | A tale of a simple Apple kernel bug |
Out-of-bounds Read
Memory corruption
MacOS
iOS |
Apple |
Jordy Zomer (@pwningsystems) |
Bug Bounty | 2022-10-31 | 2023-06-13 |
| 861 | CVE-2022-26730 | ColorSync | Hoyt LLC |
MacOS
Memory corruption
RCE |
Apple |
David Hoyt (@h02332) |
Bug Bounty | 2022-11-05 | 2023-06-13 |
| 837 | CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS |
MacOS
Local Privilege Escalation
SIP bypass |
Apple |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-11-11 | 2023-06-13 |
| 833 | CVE-2022-32929 - Bypass iOS backup%27s TCC protection |
Local Privilege Escalation
TCC bypass
MacoS
iOS |
Apple |
Csaba Fitzl (@theevilbit) |
Bug Bounty | 2022-11-14 | 2023-06-13 |
| 810 | macOS Sandbox Escape vulnerability via Terminal |
MacOS
Sandbox escape
Local Privilege Escalation |
Apple |
Wojciech Reguła (@_r3ggi) |
Bug Bounty | 2022-11-18 | 2023-06-13 |
| 713 | Public Report – VPN by Google One Security Assessment |
Android
iOS
DoS
Windows
MacoS
Local Privilege Escalation |
Google |
Daniel Romero (@daniel_rome) |
Bug Bounty | 2022-12-09 | 2023-06-13 |
| 681 | Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability |
Local Privilege Escalation
GateKeeper bypass |
Apple (macOS) |
Jonathan Bar Or (@yo_yo_yo_jbo) |
Bug Bounty | 2022-12-17 | 2023-06-13 |
| 672 | Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities |
MacOS
Local Privilege Escalation
SIP bypass |
Apple (macOS) |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-12-20 | 2023-06-13 |
| 670 | A Technical Analysis of CVE-2022-22583 and CVE-2022-32800 |
MacOS
Local Privilege Escalation
SIP bypass |
Apple (macOS) |
Mickey Jin (@patch1t) |
Bug Bounty | 2022-12-21 | 2023-06-13 |
| 600 | SSD Advisory – MacOS Mozilla Firefox Download Protections Were Bypassed By .atloc / .ftploc Files |
Local Privilege Escalation |
Mozilla (Firefox) |
Dohyun Lee |
Bug Bounty | 2023-01-11 | 2023-06-13 |
| 597 | DER Entitlements: The (Brief) Return of the Psychic Paper |
iOS
MacOS
Local Privilege Escalation |
Apple |
Ivan Fratric (@ifsecure) |
Bug Bounty | 2023-01-12 | 2023-06-13 |
| 595 | Bad things come in large packages: .pkg signature verification bypass on macOS |
Local Privilege Escalation
GateKeeper bypass
SIP bypass
MacOS |
Apple |
Sector 7 (@sector7_nl) |
Bug Bounty | 2023-01-13 | 2023-06-13 |
| 460 | CVE-2022-22655 - TCC - Location Services Bypass |
MacoS
TCC bypass |
Apple (macOS) |
Csaba Fitzl (@theevilbit) |
Bug Bounty | 2023-02-13 | 2023-06-13 |
| 422 | Trellix Advanced Research Center Discovers a New Privilege Escalation Bug Class on macOS and iOS |
Local Privilege Escalation |
Apple (macOS) |
Austin Emmitt (@alkalinesec) |
Bug Bounty | 2023-02-21 | 2023-06-13 |
| 356 | Bypass TCC via iCloud |
TCC bypass
Local Privilege Escalation |
Apple (macOS) |
Wojciech Reguła (@_r3ggi) |
Bug Bounty | 2023-03-04 | 2023-06-13 |
| 338 | Feeding Tasty Objects to Visual Studio%27s App Center SDK for Apple |
Insecure deserialization
MacOS |
Microsoft |
Jenny (@OldM4nHunting) |
Bug Bounty | 2023-03-07 | 2023-06-13 |
| 224 | Bash Privileged-mode Vulnerabilities In Parallels Desktop And CDPATH Handling In MacOS |
MacoS
Local Privilege Escalation |
Parallels |
Reno Robert (@renorobertr) |
Bug Bounty | 2023-04-06 | 2023-06-13 |
