| 963 | FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) |
Authentication bypass |
Fortinet |
James Horseman (@JamesHorseman2) |
Bug Bounty | 2022-10-13 | 2023-06-13 |
| 901 | SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri |
iOS
MacOS
Bluetooth
Local Privilege Escalation
TCC bypass |
Apple |
Guilherme Rambo (@_inside) |
Bug Bounty | 2022-10-26 | 2023-06-13 |
| 883 | A tale of a simple Apple kernel bug |
Out-of-bounds Read
Memory corruption
MacOS
iOS |
Apple |
Jordy Zomer (@pwningsystems) |
Bug Bounty | 2022-10-31 | 2023-06-13 |
| 833 | CVE-2022-32929 - Bypass iOS backup%27s TCC protection |
Local Privilege Escalation
TCC bypass
MacoS
iOS |
Apple |
Csaba Fitzl (@theevilbit) |
Bug Bounty | 2022-11-14 | 2023-06-13 |
| 789 | CVE-2022-32898: ANE_ProgramCreate() multiple kernel memory corruption |
Memory corruption
iOS
Kernel hacking |
Apple |
simo (@_simo36) |
Bug Bounty | 2022-11-23 | 2023-06-13 |
| 713 | Public Report – VPN by Google One Security Assessment |
Android
iOS
DoS
Windows
MacoS
Local Privilege Escalation |
Google |
Daniel Romero (@daniel_rome) |
Bug Bounty | 2022-12-09 | 2023-06-13 |
| 678 | Better Make Sure Your Password Manager Is Secure |
Hardcoded credentials
XSS
Cryptographic issues
Authorization flaw
Authentication bypass |
Click Studios |
kuekerino (@kuekerino) |
Bug Bounty | 2022-12-19 | 2023-06-13 |
| 597 | DER Entitlements: The (Brief) Return of the Psychic Paper |
iOS
MacOS
Local Privilege Escalation |
Apple |
Ivan Fratric (@ifsecure) |
Bug Bounty | 2023-01-12 | 2023-06-13 |
| 422 | Trellix Advanced Research Center Discovers a New Privilege Escalation Bug Class on macOS and iOS |
Local Privilege Escalation |
Apple (macOS) |
Austin Emmitt (@alkalinesec) |
Bug Bounty | 2023-02-21 | 2023-06-13 |
| 394 | Give me a browser, I’ll give you a Shell |
Local Privilege Escalation
Kiosk hacking |
NA |
Rend |
Bug Bounty | 2023-02-25 | 2023-06-13 |
| 358 | Web Cache Poisoning - Capability to disable/deface the app.██████████.com (A tale of poisoning through the layers of caching) |
Web cache poisoning |
NA |
Ankit Singh (@AnkitCuriosity) |
Bug Bounty | 2023-03-03 | 2023-06-13 |
