Preparing for the EU Radio Equipment Directive security requirements

TL;DR UK & EU IoT vendors have more security regulation coming in Applies to all wireless devices Comes into force 1st August 2025 It may be absorbed into the Cyber Resilience Act From 1st August 2025, mandatory cybersecurity requirements come into effect under the EU’s Radio Equipment Directive...

CVE-2025-24239

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

Dell PowerProtect Data Domain 安全漏洞

Dell PowerProtect Data Domain is a data protection storage appliance from Dell Technologies, built on the Data Domain platform and designed for building a resilient foundation for networks and enabling rapid data recovery. An access control vulnerability exists in Dell PowerProtect Data Domain,...

The vulnerability of the TIFFInput::read_native_scanlines() function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library allows an attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the TIFFInput::readnativescanlines function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

CVE-2025-24250

This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app acting as a HTTPS proxy could get access to sensitive user data...

CVE-2025-24281

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-24263

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be able to observe unprotected user data...

CVE-2025-24181

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data...

CVE-2025-31689

Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...

GHSA-JV6R-MJ9P-9XFF Drupal General Data Protection Regulation Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery. This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...

Drupal General Data Protection Regulation Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery. This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2...

WordPress plugin GDPR Cookie Notice 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-14423 · Unknown · Salesmate Add-On For Gravity Forms

Name of the Vulnerable Software and Affected Versions: Salesmate Add-On for Gravity Forms versions n/a through 2.0.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

CVE-2025-30463

The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-30460

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data...

CVE-2025-24281

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-24281

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data...

CVE-2025-24278

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access protected user data...

CVE-2025-24263

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be able to observe unprotected user data...

CVE-2025-24250

This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app acting as a HTTPS proxy could get access to sensitive user data...