| CVE | Platform | Vendor | Product | Classification |
|---|---|---|---|---|
| CVE-2022-3155 | macOS | Mozilla | Thunderbird | Gatekeeper bypass |
| CVE-2022-3421 | macOS | Google Drive for Desktop | LPE | |
| CVE-2022-28768 | macOS | Zoom | Zoom for macOS Installers | LPE |
| CVE-2022-42789 | macOS | Apple | macOS (AppleMobileFileIntegrity) | TCC bypass |
| CVE-2023-21611 | macOS | Adobe | Adobe Acrobat Reader | LPE |
| CVE-2023-21612 | macOS | Adobe | Adobe Acrobat Reader | LPE |
| CVE-2023-23533 | macOS | Apple | macOS (Sandbox) | SIP bypass |
| CVE-2023-24930 | macOS | Microsoft | OneDrive | LPE |
| CVE-2023-25953 | macOS | WORKS MOBILE Japan | LINE WORKS Drive Explorer | TCC bypass |
| CVE-2023-26396 | macOS | Adobe | Adobe Acrobat Reader | LPE |
| CVE-2023-27529 | macOS | Wacom | Wacom Tablet Driver installer | LPE |
| CVE-2023-28261 | macOS | Microsoft | Microsoft Edge (Chromium-based) | LPE |
| CVE-2023-28596 | macOS | Zoom | Zoom for macOS Installers | LPE |
| CVE-2023-28600 | macOS | Zoom | Zoom for macOS clients | LPE |
| CVE-2023-29166 | macOS | Apple | Pro Video Formats | SIP bypass |
| CVE-2023-32357 | macOS | Apple | macOS (Sandbox) | TCC bypass (App Protection) |
| CVE-2023-32546 | macOS | Chatwork | Chatwork Desktop Application | TCC bypass |
| CVE-2023-41775 | macOS | L is B Corp. | "direct" Desktop App for macOS | TCC bypass |
| CVE-2023-41979 | macOS | Apple | macOS (XProtectFramework) | SIP bypass |
| CVE-2023-42860 | macOS | Apple | macOS (PackageKit) | SIP bypass |
| CVE-2023-42876 | macOS | Apple | macOS (BOM) | Out-of-bounds read |
| CVE-2023-42886 | macOS | Apple | macOS (CoreServices) | Buffer overread |
| CVE-2024-23201 | iOS/macOS | Apple | iOS/macOS (libxpc) | DoS |
| Platform | Vendor | Product | Link | Memo |
|---|---|---|---|---|
| macOS | Apple | macOS (APFS) | Apple Security Updates | APFS timestamp flaw |
| macOS | Apple | macOS (File Quarantine) | Apple Security Updates | Gatekeeper bypass |
| macOS | Apple | macOS (quarantine) | Apple Security Updates | Gatekeeper bypass |
| macOS | Apple | macOS (Rosetta) | Apple Security Updates | XProtect bypass |
| Conference | Title |
|---|---|
| Black Hat EU 2020 | Jack-in-the-Cache: A New Code injection Technique through Modifying X86-to-ARM Translation Cache |
| CODE BLUE 2021 | Appearances are deceiving: Novel offensive techniques in Windows 10/11 on ARM |
| Black Hat Asia 2023 | Dirty Bin Cache: A New Code Injection Poisoning Binary Translation Cache |
| CODE BLUE 2023 | Bypassing macOS Security and Privacy Mechanisms: From Gatekeeper to System Integrity Protection |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent