Astra Linux - уязвимость в webkit2gtk

A out-of-bounds write issue has been addressed through improved bounds checking. This issue is fixed in iOS 15.6.1, iPadOS 15.6.1, macOS Monterey 12.5.1, and Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report indicating that...

Astra Linux - уязвимость в webkit2gtk

A race condition has been addressed through improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux - уязвимость в webkit2gtk

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary...

PT-2026-34037

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to impersonate an apple...

CVE-2025-65947

thread-amount is a tool that gets the amount of threads in the current process. Prior to version 0.2.2, there are resource leaks when querying thread counts on Windows and Apple platforms. In Windows platforms, the threadamount function calls CreateToolhelp32Snapshot but fails to close the return...

CVE-2025-12893

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage EKU requirements. A certificate that specifies extendedKeyUsage but is missing extendedKeyUsage = clientAuth may still be successfully...

CVE-2025-12893

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage EKU requirements. A certificate that specifies extendedKeyUsage but is missing extendedKeyUsage = clientAuth may still be successfully...

PT-2025-47988

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.26 MongoDB Server versions prior to 8.0.16 MongoDB Server versions prior to 8.2.2 Description A MongoDB server may incorrectly establish TLS handshakes with clients or servers presenting certificates that d...

CVE-2025-43449

The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able to track users between installs...

CVE-2025-43427

CVE-2025-43427 is a WebKitGTK/WebKit issue where processing maliciously crafted web content may cause an unexpected process crash. The connected advisories show WebKitGTK/WebKit updates addressing this and related CVEs (e.g., 43392, 43429–43432, 43434, 43458, 66287). The fix is implemented via up...

Linux Distros Unpatched Vulnerability : CVE-2018-4373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTun...

Linux Distros Unpatched Vulnerability : CVE-2023-27932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9....

CVE-2023-27963

The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A shortcut may be able to use sensitive data with certain actions without prompting the use...

CVE-2021-1833

This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may be able to gain elevated privileges...

CVE-2024-54497

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service...

Apple iOS和iPadOS 安全漏洞

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 18.3 and iPadOS version 18.3, which originates from a visit to a...

CVE-2024-44277

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory...

PT-2024-22093 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18 iPadOS versions prior to 18 macOS Sequoia versions prior to 15 Description: The issue allows an app to record the screen without an indicator. This was addressed with improved checks. Recommendations: For iOS versions...

CVE-2023-42893

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access protecte...

UBUNTU-CVE-2022-32919

The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing...