25130 matches found
CVE-2025-68130 vulnerabilities
Vulnerabilities for packages: langfuse...
CVE-2025-14812
ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar than the content being shown after an iframe-triggered URI-scheme navigation, increasing spoofing risk...
CVE-2025-68459
RG-AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...
CVE-2025-47319
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS...
PT-2025-52423
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 2025.2.1; Foxit PDF Reader versions prior to 14.0.1; Foxit PDF Reader version 13.2.1. Description: A use-after-free issue exists in the way Foxit PDF Reader handles annotations. Opening a PDF file with specific...
Apple macOS Tahoe Insufficient Inspection Vulnerability
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from an insufficient inspection vulnerability that can be exploited by an attacker to ask for...
PT-2025-52489
ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar than the content being shown after an iframe-triggered URI-scheme navigation, increasing spoofing risk...
PT-2025-52394
Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior; Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.2 CFR3 and prior; Mitsubishi Electric ICONICS Suite versions 10.97.2 CFR3 and prior; Mitsubishi Electric Iconics...
Lilac-Reloaded Operating System Command Injection Vulnerability
Lilac-Reloaded is a graphical configuration management tool by the individual developer eskyuu. An operating system command injection vulnerability exists in Lilac-Reloaded version 2.0.8, which stems from a lack of input filtering in the autodiscovery feature, and could lead to remote code executio...
CVE-2025-43428
A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication...
CVE-2025-46288
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive payment tokens...
EUVD-2025-204308
Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...
CVE-2025-64723
Summary: Arduino IDE for macOS prior to 2.3.7 had overly permissive security entitlements that could bypass the macOS Hardened Runtime protections, enabling an attacker to inject malicious dynamic libraries into the process and access all TCC permissions granted to the app. Impact (as stated): by...
EUVD-2025-204309
Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the...
EUVD-2025-204038
RG-AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...
EUVD-2025-204032
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS...
SUSE CVE-2025-43501
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
SUSE CVE-2025-43536
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
PT-2025-51995
Name of the Vulnerable Software and Affected Versions: Ruijie Networks AP180 series (affected versions not specified). Description: The RG-AP180, an indoor wall plate wireless AP, contains an OS command injection issue. An attacker who gains access to the CLI service can execute arbitrary OS...