4.8
CVE-2025-68114 - Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflβ¦
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStreamβs index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit 2c7797182a16β¦
4.8
CVE-2025-67873 - Capstone doesn't check Skipdata length, leading to cs_insn.bytes heap buffer overflow
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make cs_disasm/cs_disasm_iter memcpy more than 24 bytes into cs_insn.bytes, causing a heap buffer overflow in the disassembly path. Commit cbef767β¦
7.5
CVE-2025-67493 - Homarr issing input sanitization and possible privilege escalation through ldap search query injectβ¦
Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap authenticβ¦
0.0
CVE-2025-43514 -
The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.
0.0
CVE-2025-46281 -
A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox.
0.0
CVE-2025-46278 -
The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.
0.0
CVE-2025-46279 -
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. An app may be able to identify what other apps a user has installed.
0.0
CVE-2025-46291 -
A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may bypass Gatekeeper checks.
0.0
CVE-2025-43533 -
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. A malicious HID device may cause an unexpected process crash.
0.0
CVE-2025-43475 -
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data.