Lucene search
K

721 matches found

CVE
CVE
added 2025/12/12 8:57 p.m.17 views

CVE-2025-43522

CVE-2025-43522 is a downgrade issue affecting Intel-based Mac computers. The vulnerability arises in macOS with a downgrade path that was addressed by adding code‑signing restrictions, and is fixed in macOS Tahoe 26.2 and macOS Sequoia 15.7.3. An app may be able to access user‑sensitive data due ...

3.3CVSS5.8AI score0.00113EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/12 8:57 p.m.23 views

CVE-2025-43522

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data...

0.00113EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/12 8:56 p.m.5 views

CVE-2025-43521

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to access sensitive user data...

5.4AI score0.00128EPSS
Exploits0References2
CVE
CVE
added 2025/12/12 8:56 p.m.17 views

CVE-2025-43521

CVE-2025-43521 describes a downgrade issue affecting Intel-based Macs that was mitigated by adding code-signing restrictions. The issue could allow an app to access sensitive user data, and the vulnerability is fixed in macOS Tahoe 26.2 and macOS Sequoia 15.7.3. Public references in the connected...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/12 8:56 p.m.20 views

CVE-2025-43521

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access sensitive user data...

0.00128EPSS
Exploits0References2
Apple
Apple
added 2025/12/12 12:0 a.m.14 views

About the security content of macOS Sequoia 15.7.3

About the security content of macOS Sequoia 15.7.3 This document describes the security content of macOS Sequoia 15.7.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

9.8CVSS7.5AI score0.17301EPSS
Exploits2References1Affected Software1
Apple
Apple
added 2025/12/12 12:0 a.m.73 views

About the security content of macOS Tahoe 26.2

About the security content of macOS Tahoe 26.2 This document describes the security content of macOS Tahoe 26.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

9.8CVSS7.3AI score0.17301EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.4 views

PT-2025-51015

Name of the Vulnerable Software and Affected Versions macOS versions prior to 15.7.3 Description A flaw exists in macOS on Intel-based Mac computers that could allow an application to access sensitive user data. The issue was addressed through enhanced code-signing restrictions. Recommendations...

6.3AI score0.00128EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.5 views

PT-2025-51016

Name of the Vulnerable Software and Affected Versions macOS versions prior to 15.7.3 Description A flaw exists in macOS on Intel-based Mac computers related to code-signing restrictions. This could allow an application to access user-sensitive data. Recommendations Update to macOS version 15.7.3 ...

6.5AI score0.00113EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/11 5:22 a.m.3 views

CVE-2025-66506

A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service DoS due to excessive memory allocation when processing a malicious OpenID Connect OIDC identity token containing numerous period characters...

7.5CVSS6AI score0.00191EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/05 6:18 p.m.4 views

EUVD-2025-201293

Fulcio allocates excessive memory during token parsing...

7.5CVSS6.4AI score0.00191EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/04 10:4 p.m.3 views

CVE-2025-66506

Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect OIDC identity. Prior to 1.8.3, function identity.extractIssuerURL splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious...

7.5CVSS6.4AI score0.00191EPSS
Exploits0
EUVD
EUVD
added 2025/12/02 9:31 p.m.7 views

EUVD-2025-200299

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

9.3CVSS7.6AI score0.00628EPSS
Exploits0References2
NVD
NVD
added 2025/12/02 8:15 p.m.6 views

CVE-2025-13658

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

9.3CVSS0.00628EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/02 7:35 p.m.12 views

CVE-2025-13658 Industrial Video & Control Longwatch has a Code Injection vulnerability

A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges...

9.3CVSS0.00628EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/11/20 4:6 a.m.16 views

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

Threat actors are leveraging bogus installers masquerading as popular software to trick users into installing malware as part of a global malvertising campaign dubbed TamperedChef. The end goal of the attacks is to establish persistence and deliver JavaScript malware that facilitates remote acces...

6.6AI score
Exploits0
CNVD
CNVD
added 2025/11/10 12:0 a.m.3 views

Apple macOS Sequoia Code Signature Limit Insufficiency Vulnerability

Apple macOS Sequoia is an operating system announced by Apple on June 10, 2024 at the WWDC24 developer conference. Apple macOS Sequoia suffers from an insufficient code signature restriction vulnerability that can be exploited by an attacker to access sensitive user data...

5.5CVSS6.8AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/05 2:14 a.m.5 views

CVE-2025-43468

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...

5.5CVSS6.5AI score0.00115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/05 2:13 a.m.3 views

CVE-2025-43390

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 2:15 a.m.6 views

CVE-2025-43468

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...

5.5CVSS0.00115EPSS
Exploits0References3
Rows per page
Query Builder