25133 matches found
SUSE CVE-2025-43501
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
SUSE CVE-2025-43536
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
PT-2025-51995
Name of the Vulnerable Software and Affected Versions: Ruijie Networks AP180 series (affected versions not specified). Description: The RG-AP180, an indoor wall plate wireless AP, contains an OS command injection issue. An attacker who gains access to the CLI service can execute arbitrary OS...
EasyPHP Webserver OS command injection vulnerability
EasyPHP Webserver is an EasyPHP open source platform that can build development environments. An operating system command injection vulnerability exists in EasyPHP Webserver version 14.1, which stems from OS command injection and could lead to the execution of arbitrary system commands...
Ruijie AP180 series OS command injection vulnerability
The Ruijie AP180 series is a series of wireless access point devices from China's Ruijie. The Ruijie AP180 series suffers from an operating system command injection vulnerability that originates from OS command injection and could lead to the execution of arbitrary commands...
PT-2025-52244
Name of the Vulnerable Software and Affected Versions: Arduino IDE versions prior to 2.3.7. Description: Arduino IDE for macOS, before version 2.3.7, had overly permissive security entitlements. This configuration bypassed macOS Hardened Runtime protections, allowing attackers to inject malicious...
CVE-2025-46288
A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 26.2, iOS 26.2 and iPadOS 26.2, watchOS 26.2, macOS Tahoe 26.2. An app may be able to access sensitive payment tokens...
CVE-2025-46279
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. An app may be able to identify what other apps a user has installed...
CVE-2025-43535
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43501
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43535
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43514
The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data...
CVE-2025-46279
CVE-2025-46279 describes a permissions issue in Apple operating systems where an app may identify other apps installed on a user’s device. Affected platforms include watchOS, iOS/iPadOS, macOS, visionOS, and tvOS. The root cause involves insufficient restrictions on app visibility of installed so...
CVE-2025-43535
CVE-2025-43535 affects WebKitGTK/webkitgtk4. The issue is a memory-handling flaw in WebKitGTK that may cause an unexpected process crash when processing malicious web content. Affected packages include webkitgtk4 (and related webkit2gtk/WebKitGTK deployments) with fixes shipped in WebKitGTK 2.50....
CVE-2025-43533
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. A malicious HID device may cause an unexpected process crash...
CVE-2025-43475
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data...
CVE-2025-46288
A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 26.2, iOS 26.2 and iPadOS 26.2, watchOS 26.2, macOS Tahoe 26.2. An app may be able to access sensitive payment tokens...
CVE-2025-46288
The CVE affects Apple platforms (visionOS, iOS, iPadOS, watchOS, macOS Tahoe) with a permissions issue that could allow an app to access sensitive payment tokens. Root cause is insufficient privilege restrictions; the issue is fixed in visionOS 26.2, iOS 26.2, iPadOS 26.2, watchOS 26.2, and macOS...
EUVD-2025-203946
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When copying the contents of the first...
CVE-2025-66647 RIOT OS has buffer overflow in gnrc_ipv6_ext_frag_reass
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When copying the contents of the first...