Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 26.2 and Apple iPadOS prior to version 26.2, which stems fro...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Tahoe versions prior to 26.2, which stems from an insufficient check resulting in a logic issue that could cause an application to...

Apple 安全漏洞

Apple iOS and others are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets.Apple iOS is an operating system developed for mobile...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in several Apple...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in multiple Apple products that originates from memory mishandli...

PT-2025-51858

Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This allows a local low-privileged user to inject arbitrary...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets.The vulnerabilities in Apple iOS are caused by a configuratio...

PT-2025-51827

Name of the Vulnerable Software and Affected Versions Radiometer products affected versions not specified Description A security issue exists in multiple Radiometer products that could allow an attacker with physical access to the analyzer to obtain credential information. The vulnerability is du...

CVE-2024-46062

Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This flaw allows a local low-privileged user to inject arbitra...

Photon OS 5.0: Imagemagick PHSA-2025-5.0-0714

An update of the ImageMagick package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0714. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Cisco Multiple Products Improper Input Validation Vulnerability

Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance...

CVE-2025-8872

On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSFPv3 process to have high CPU utilization which may result in the OSFPv3 process being restarted. This may cause disruption in the OSFPv3 routes on the switch. This issue was discovered...

CVE-2025-65318

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...

EUVD-2025-203628

WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able to execute arbitrary OS commands on the server using path traversal in the showerr script. This issue was fixed in version...

CVE-2025-59385

An authentication bypass by spoofing vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to access resources which are not otherwise accessible without proper authentication. We have already fixed the...

CVE-2025-62848

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build...

CVE-2025-59385

The CVE-2025-59385 issue is an authentication bypass by spoofing affecting QNAP QTS and QuTS hero OSes. The vulnerability could allow remote attackers to access restricted resources. Fixed in QTS 5.2.7.3297 (build 20251024) and QuTS hero h5.2.7.3297 (build 20251024) as well as h5.3.1.3292 (build ...

CVE-2025-59385 QTS, QuTS hero

An authentication bypass by spoofing vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to access resources which are not otherwise accessible without proper authentication. We have already fixed the...

CVE-2025-62847 QTS, QuTS hero

An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS...

CVE-2025-62848

CVE-2025-62848 is a NULL pointer dereference vulnerability reported affecting multiple QNAP platforms (QTS and QuTS hero). The issue allows remote attackers to trigger a denial-of-service via network access, as described in vendor notes. Affected versions have been patched in QTS 5.2.7.3297 build...