About the security content of visionOS 2.5

About the security content of visionOS 2.5 This document describes the security content of visionOS 2.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...

PT-2025-20584 · Ibm · Ibm App Connect Enterprise Certified Container

Name of the Vulnerable Software and Affected Versions: IBM App Connect Enterprise Certified Container versions 8.1 through 12.10 Description: The issue concerns the use of weaker than expected cryptographic algorithms to protect the database storing flows in DesignerAuthoring instances. This coul...

Vulnerability of software for managing IBM Engineering Requirements Management DOORS: Next, a vulnerability related to insufficient protection of registration data, which allows attackers to disclose protected information.

The vulnerability of the IBM Engineering Requirements Management DOORS Next software lies in the insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information remotely...

The vulnerability of the VPN service module of the HarmonyOS operating system, which allows a perpetrator to trigger a service failure.

The vulnerability of the VPN service module of the HarmonyOS operating system is related to insufficient protection of registration data. Exploiting this vulnerability could allow a hacker to cause a service failure...

The vulnerability of the IBM Guardium Data Protection platform regarding data security protection, which stems from improper privilege assignment, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Guardium Data Protection platform for data security protection is related to improper privilege assignment. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the BRS_netgear_success.html component of the NETGEAR WNR2000v5 router’s embedded software allows a hacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the BRSnetgearsuccess.html component of the NETGEAR WNR2000v5 router’s embedded software is related to insufficient protection for service data. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and accessibility of the protect...

CVE-2025-37832

CVE-2025-37832 entry is rejected/not used; not a active vulnerability entry.

PT-2025-20277 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Network Configuration Access Control Module NACM could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or...

Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches

It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report DBIR — it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine...

Why Secure Document Management Matters Against Cybersecurity Threats

Cybersecurity threats aren’t just aimed at servers or customer databases. They also target a company’s most vital but…...

The vulnerability of the CI/CD system’s registration data protection mechanism in TeamCity allows unauthorized access by attackers, enabling them to obtain unauthorized access to protected information.

The vulnerability of the CI/CD application integration and delivery system of JetBrains TeamCity is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

Ireland's Data Protection Commission DPC on Friday fined popular video-sharing platform TikTok €530 million $601 million for infringing data protection regulations in the region by transferring European users' data to China. "TikTok infringed the GDPR regarding its transfers of EEA European...

NCSC Guidance on “Advanced Cryptography”

The UK's National Cyber Security Centre just released its white paper on "Advanced Cryptography," which it defines as "cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography." It includes things like...

Federal Data, Meet your New Bodyguard: DSPM joins Wiz for Government

Wiz is excited to bring Data Security Posture Management DSPM into our FedRAMP authorized offering. DSPM enables organizations requiring FedRAMP to automate classification, policy enforcement, and continuous monitoring for their sensitive cloud data...

Dell PowerProtect Data Manager Reporting Improperly Escaped Vulnerability

Dell PowerProtect Data Manager Reporting is a data protection management software. Dell PowerProtect Data Manager Reporting suffers from an improper escape vulnerability that stems from the program's failure to properly process output, no details of the vulnerability are available at this time...

Dell PowerProtect Data Manager Reporting Elevation of Privilege Vulnerability

Dell PowerProtect Data Manager Reporting is a data protection management software. An elevation of privilege vulnerability exists in Dell PowerProtect Data Manager Reporting, which can be exploited by an attacker to gain elevated privileges because the program fails to properly restrict API...

Dell PowerProtect Data Manager Reporting Information Disclosure Vulnerability

Dell PowerProtect Data Manager Reporting is a data protection management software. An information disclosure vulnerability exists in Dell PowerProtect Data Manager Reporting, which arises from the program's failure to properly handle template input and can be exploited by an attacker to obtain...

The vulnerability of Cisco Meraki network devices’ microprogramming software, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Cisco Meraki network devices’ microprogramming software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Synology Router Manager operating system, related to insufficient protection of service data, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Synology Router Manager operating system is related to insufficient protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of Microprogramming Software in Cisco SIP IP Phones like Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series arises from insufficient protection for operational data, allowing unauthorized access to protected information by attackers.

The vulnerability of the microprogramming software used in Cisco SIP IP phones and Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series lies in the insufficient protection of operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected informatio...