Yingqi Shi

Researcher fromDBAppSecurity's WeBin lab
#8382of 53,634
32.8Total CVSS
Vulnerabilities · 4
High
4
PT-2026-39787
7.5
2026-05-11
Apple · Macos Sequoia · CVE-2026-28924
**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 **Description** A race condition exists due to improper handling of symbolic links, which are shortcuts that point to another file or directory. This flaw may allow an application to access Contacts without obtaining user consent. **Recommendations** Update macOS Sequoia to version 15.7.7. Update macOS Sonoma to version 14.8.7. Update macOS Tahoe to version 26.5.
PT-2025-18939
7.7
2025-05-03
Apple · Ios · CVE-2025-31207
**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.5 iPadOS versions prior to 18.5 **Description** A logic issue was identified and addressed through improved checks within the FrontBoard component. This issue allows an application to potentially enumerate a user's installed applications. Reports indicate that this issue has been exploited by some App Store applications to detect the presence of TrollStore on a device. **Recommendations** Update to iOS version 18.5 or later. Update to iPadOS version 18.5 or later.
PT-2024-6719
10
2024-10-08
Microsoft · Windows · CVE-2024-43533
Name of the Vulnerable Software and Affected Versions: Remote Desktop Client versions prior to 1.2.5709 Description: The issue is related to a use-after-free vulnerability in the Remote Desktop Protocol (RDP) Client of Windows operating systems. This vulnerability can be exploited by a remote attacker to execute arbitrary code. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. Recommendations: For versions prior to 1.2.5709, update to version 1.2.5709 or later to resolve the issue. As a temporary workaround, consider restricting access to the Remote Desktop Client until a patch is applied.
PT-2024-1149
7.6
2024-01-09
Microsoft · Windows · CVE-2024-21307
**Name of the Vulnerable Software and Affected Versions** Remote Desktop Client versions prior to 1.2.5105 **Description** The issue is related to errors in synchronization when using a shared resource in the Remote Desktop Protocol (RDP) of the Windows operating system. This can allow a remote attacker to execute arbitrary code. **Recommendations** For versions prior to 1.2.5105, update to version 1.2.5105 or later to resolve the issue. As a temporary workaround, consider restricting access to the Remote Desktop Protocol to minimize the risk of exploitation.