96 matches found
CVE-2025-65501
Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...
CVE-2025-43391
CVE-2025-43391 concerns a privacy issue in Apple platforms resolved by updates that fix how temporary files are handled. Affected products include macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2, iOS 26.1 and iPadOS 26.1. The underlying flaw allowed an app to access sensitive user dat...
CVE-2025-43479
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia version 15.7.2, which stems from mishandling of sensitive information and could lead to an application accessing protected...
Apple macOS 安全漏洞
Apple macOS Sequoia is an operating system announced by Apple on June 10, 2024 at the WWDC24 developer conference. Apple macOS Sequoia has a privilege issue vulnerability that can be exploited by attackers to cause an application to access sensitive user data...
EUVD-2010-2917
Malware in sbrugna...
EUVD-2024-20742
Malicious code in bioql PyPI...
CVE-2025-31269
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8. An app may be able to access protected user data...
PT-2025-37853
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sonoma 14.8 macOS versions prior to Tahoe 26 Description: A privacy issue was addressed by relocating sensitive data. An application may be able to access protected user data. Recommendations: Update to macOS Sonoma...
A week in security (August 4 – August 10)
Last week on Malwarebytes Labs: Adult sites trick users into Liking Facebook posts using a clickjack Trojan Facebook users targeted in ‘login’ phish TeaOnHer, the male version of Tea, is leaking personal information on its users too How Google, Adidas, and more were breached in a Salesforce scam...
AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app data
AgentFlayer is a critical vulnerability in ChatGPT Connectors. Learn how this zero-click attack uses indirect prompt injection to…...
Linux Distros Unpatched Vulnerability : CVE-2021-23977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application...
About the security content of macOS Ventura 13.7.3
About the security content of macOS Ventura 13.7.3 This document describes the security content of macOS Ventura 13.7.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
UBUNTU-CVE-2024-42472
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
CVE-2024-27871
CVE-2024-27871 describes a path handling issue in Apple platforms that was addressed with improved validation. The description indicates that an app may have been able to access protected user data due to this path handling problem. Public fix details show the issue is resolved in macOS Sonoma 14...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS and Apple iPadOS version 17.5, which originates from an applicati...
Apple macOS Ventura Security Vulnerability
Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.6.4, which stems from an application that may be able to access sensitive user data...
Design/Logic Flaw
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. An app may be able to access protected user data...
Apple macOS Ventura Security Vulnerability
Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.3, which stems from an application that may be able to access sensitive user data...
CVE-2023-28872
Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport location...