19 matches found
Apple Multiple Products Security Vulnerability
Apple iOS and several other products are made by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...
DEBIAN-CVE-2026-32274
Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...
CVE-2026-32274
Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...
CVE-2026-32274 Black: Arbitrary file writes from unsanitized user input in cache file name
Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...
CVE-2026-32274 Black: Arbitrary file writes from unsanitized user input in cache file name
Black is the uncompromising Python code formatter. Prior to 26.3.1, Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the...
GHSA-3936-CMFR-PM3M Black: Arbitrary file writes from unsanitized user input in cache file name
Impact Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the value of this argument to write cache files to arbitrary file...
Black: Arbitrary file writes from unsanitized user input in cache file name
Impact Black writes a cache file, the name of which is computed from various formatting options. The value of the --python-cell-magics option was placed in the filename without sanitization, which allowed an attacker who controls the value of this argument to write cache files to arbitrary file...
Black Path Traversal Vulnerability
Black is a Python code formatting tool open-sourced by the Python Software Foundation. Versions of Black prior to 26.3.1 had a path traversal vulnerability. This vulnerability stemmed from the value of the “python-cell-magics” option not being sanitized before use in cache file names. As a result, it was...
Apple Security Update: iOS 26.3.1 and iPadOS 26.3.1
Apple recommends installing the security update iOS 26.3.1 and iPadOS 26.3.1 on iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later...
Apple Security Update: macOS Tahoe 26.3.1
Apple recommends installing the security update macOS Tahoe 26.3.1 on macOS Tahoe devices...
Apple Security Update: macOS Tahoe 26.3.1
Apple recommends installing the security update macOS Tahoe 26.3.1 on macOS Tahoe devices...
Apple Security Update: visionOS 26.3.1
Apple recommends installing the security update visionOS 26.3.1 on all Apple Vision Pro models...
PT-2026-25073
Name of the Vulnerable Software and Affected Versions Black versions prior to 26.3.1 Description Black, a Python code formatter, prior to version 26.3.1, improperly sanitizes user-supplied input when constructing the filename for a cache file. Specifically, the value provided to the...
Adobe Illustrator < 25.4.6 / 26.0.0 < 26.3.1 Multiple Vulnerabilities (APSB22-26) (macOS)
The version of Adobe Illustrator installed on the remote macOS host is prior to 25.4.6, 26.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-26 advisory. - Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds...
CVE-2022-34263
Adobe Illustrator versions 26.3.1 and earlier and 25.4.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2022-34260 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Illustrator versions 26.3.1 and earlier and 25.4.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2022-34261 Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Illustrator versions 26.3.1 and earlier and 25.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
PT-2022-4393 · Adobe · Illustrator
Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 26.3.1 and earlier Adobe Illustrator versions 25.4.6 and earlier Description: The issue is related to an out-of-bounds read in memory, which could allow an attacker to gain unauthorized access to sensitive informati...
PT-2022-4382 · Adobe · Illustrator
Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 26.3.1 and earlier Adobe Illustrator versions 25.4.6 and earlier Description: The issue is related to an out-of-bounds write vulnerability in memory, which could allow an attacker to execute arbitrary code using...