• Stars
    star
    352
  • Rank 120,622 (Top 3 %)
  • Language
    Objective-C
  • License
    Apache License 2.0
  • Created about 2 years ago
  • Updated 9 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A public collection of POCs & Exploits for the vulnerabilities I discovered

POC

For research purposes only!

A public collection of POCs & Exploits for the vulnerabilities I discovered.

  • CVE-2022-22583 PackageKit: An application may be able to access restricted files (SIP Bypass)
  • CVE-2022-26690 PackageKit: A malicious application may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2022-32800 PackageKit: An app may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2022-26728 SoftwareUpdate: A malicious application may be able to access restricted files (TCC Bypass)
  • CVE-2022-22616 Safari Downloads: A maliciously crafted ZIP archive may bypass Gatekeeper checks (Gatekeeper Bypass)
  • CVE-2022-22639 SoftwareUpdate: An application may be able to gain elevated privileges
  • CVE-2022-26712 PackageKit: A malicious application may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2022-32786 PackageKit: An app may be able to modify protected parts of the file system (SIP Bypass)
  • CVE-2023-23525 LaunchServices: An app may be able to gain root privileges