PT-2025-31332 · Apple · Macos Sequoia 15.6 +2

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6 macOS versions prior to Sonoma 14.7.7 Description: An application may be able to hijack entitlements granted to other privileged applications due to improved data protection. Recommendations: Update to mac...

PT-2025-31320 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A flaw allows an application to potentially access protected user data due to a downgrade issue. This issue was addressed with additional...

PT-2025-31302

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.9 macOS Sequoia versions prior to 15.6 macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 Description: The issue involves incorrect symlink resolution prior to file access. Exploitation...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to insufficient protection of sensitive data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the CI/CD application integration and delivery system provided by JetBrains TeamCity, related to insufficient protection of registration data, allows attackers to disclose protected information.

The vulnerability of the Continuous Integration and Deployment application delivery system CI/CD of TeamCity in JetBrains is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

SharpKatz

This is a port of the mimikatz tool, specifically the sekurlsa::logonpasswords, sekurlsa::ekeys, and lsadump::dcsync commands, to C and .NET. The tool is called SharpKatz. The tool is designed to extract sensitive information from a Windows system, including: Logon passwords Kerberos encryption...

CVE-2025-7001

Removed by vendor...

The vulnerability of the UMIP function in AMD’s microprogramming software allows attackers to disclose protected information.

The vulnerability of the UMIP function in AMD’s microprogramming software is related to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability of AMD’s microprogramming software for processors lies in the insufficient protection of operational data, which allows attackers to disclose protected information.

The vulnerability of AMD’s microprogramming software is related to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability of microprogrammed software in Canon’s imageRUNNER ADVANCE, imageRUNNER, imagePRESS V, imagePRESS, Satera series printers relates to insufficient protection of registration data, allowing attackers to disclose protected information.

The vulnerability of microprogrammed software in Canon’s imageRUNNER ADVANCE, imageRUNNER, imagePRESS V, imagePRESS, and Satera series printers relates to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker to disclose protected information remotely...

The vulnerability of AMD’s microprogramming software for processors lies in the insufficient protection of operational data, which allows attackers to disclose protected information.

The vulnerability of AMD’s microprogramming software is related to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to disclose protected information...

Proton launches Lumo, a privacy-focused AI chatbot

Proton, known for its privacy focused set of services, announced the introduction of Lumo, a privacy-first Artificial Intelligence AI chatbot. It is good to know before you dive in that Proton’s chatbot has two user options that offer a very different experience. If you want Lumo to access the...

PT-2025-31629

Name of the Vulnerable Software and Affected Versions Mozilla Firefox affected versions not specified Description The vulnerability in Mozilla Firefox on Android operating systems relates to a flaw in the data protection mechanism. Remote exploitation of this issue may allow an attacker to bypass...

Building a Robust OAuth Token Based API Security: a High Level Overview

APIs Application Programming Interfaces or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and scalable solutions for secure authentication and authorization...

The vulnerability of Juniper Networks’ Junos OS operating systems arises from a flaw in the data protection mechanism, allowing attackers to circumvent existing security restrictions.

The vulnerability of Juniper Networks’ Junos OS lies in the compromised data protection mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...

Important: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.4.5 security and bug fix update

OpenShift API for Data Protection OADP 1.4.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

The vulnerability of the Golang programming language, related to insufficient protection of sensitive data, allows attackers to gain access to potentially confidential information.

The vulnerability of the Golang programming language is related to the insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to potentially confidential information...

How Secure Is Online Fax: Privacy and Data Protection Standards

When it comes to sharing sensitive documents online, security sits at the top of everyone’s checklist. Online faxing is…...

The vulnerability of the Windows SmartScreen security function in Microsoft Windows operating systems allows a hacker to circumvent existing security restrictions.

The vulnerability of the Windows SmartScreen security function in Microsoft Windows systems relates to a breach of data protection mechanisms. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent existing security restrictions...

The vulnerability of the Thunderbird email client, related to insufficient protection of administrative data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Thunderbird email client is related to insufficient protection for administrative data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...