4.8

CVSS3.1

CVE-2025-67873 - Capstone doesn't check Skipdata length, leading to cs_insn.bytes heap buffer overflow

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767…

πŸ“… Published: Dec. 17, 2025, 9:12 p.m. πŸ”„ Last Modified: Jan. 2, 2026, 6:39 p.m.

7.5

CVSS3.1

CVE-2025-67493 - Homarr issing input sanitization and possible privilege escalation through ldap search query inject…

Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap authentic…

πŸ“… Published: Dec. 17, 2025, 9:09 p.m. πŸ”„ Last Modified: Jan. 30, 2026, 6:32 p.m.

5.5

CVSS3.1

CVE-2025-43514 -

The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.

πŸ“… Published: Dec. 17, 2025, 8:47 p.m. πŸ”„ Last Modified: April 2, 2026, 6:26 p.m.

8.4

CVSS3.1

CVE-2025-46281 -

A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox.

πŸ“… Published: Dec. 17, 2025, 8:47 p.m. πŸ”„ Last Modified: April 2, 2026, 6:25 p.m.

5

CVSS3.1

CVE-2025-46278 -

The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.

πŸ“… Published: Dec. 17, 2025, 8:47 p.m. πŸ”„ Last Modified: April 2, 2026, 6:25 p.m.

9.8

CVSS3.1

CVE-2025-46279 -

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. An app may be able to identify what other apps a user has installed.

πŸ“… Published: Dec. 17, 2025, 8:47 p.m. πŸ”„ Last Modified: April 2, 2026, 7:21 p.m.

5.5

CVSS3.1

CVE-2025-46291 -

A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may bypass Gatekeeper checks.

πŸ“… Published: Dec. 17, 2025, 8:47 p.m. πŸ”„ Last Modified: April 2, 2026, 6:21 p.m.

5.7

CVSS3.1

CVE-2025-43533 -

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 2, 2026, 7:21 p.m.

5.5

CVSS3.1

CVE-2025-43475 -

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 2, 2026, 6:16 p.m.

9.8

CVSS3.1

CVE-2025-43526 -

This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted.

πŸ“… Published: Dec. 17, 2025, 8:46 p.m. πŸ”„ Last Modified: April 2, 2026, 7:20 p.m.
Total resulsts: 343738
Page 2006 of 34,374
Β« previous page Β» next page
Filters