
25211 matches found

RedHat Linux
added 2025/11/04 5:34 p.m., 5 views

foreman: OS command injection via ct_location and fcct_location parameters

A flaw was found in Red Hat Satellite Foreman component. This vulnerability allows an authenticated user with editsettings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting...

8 CVSS | 6 AI score | 0.00519 EPSS
Exploits 0 | References 5

The Hacker News
added 2025/11/04 2:24 p.m., 9 views

Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks

Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system (OS) commands under certain conditions. "The vulnerability allows remote unauthenticated attackers to easily...

9.8 CVSS | 8.2 AI score | 0.62378 EPSS
Exploits 5

NCSC
added 2025/11/04 12:53 p.m., 11 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS 26.1 and iPadOS 26.1. The vulnerabilities affected several privacy and security issues, including unauthorized access to user data, the risk of data exfiltration, and memory management vulnerabilities that could lead to unexpected system crashes. Attackers...

8.8 CVSS | 6.5 AI score | 0.01317 EPSS
Exploits 1 | References 1

Japan Vulnerability Notes
added 2025/11/04 3:47 a.m., 4 views

Progress Flowmon vulnerable to authenticated OS command injection

Overview: Progress Flowmon provided by Progress Software Corporation contains the following vulnerability: Authenticated OS command injection (CWE-78) - CVE-2025-10239. Kentaro Kawane of GMO Cybersecurity by Ierae reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

7.2 CVSS | 7.2 AI score | 0.00349 EPSS
Exploits 0 | References 5

NVD
added 2025/11/04 2:15 a.m., 3 views

CVE-2025-43503

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Visiting a malicious website may lead to user interface spoofing...

4.3 CVSS | 0.00367 EPSS
Exploits 0 | References 6

NVD
added 2025/11/04 2:15 a.m., 5 views

CVE-2025-43507

A privacy issue was addressed by moving sensitive data. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to fingerprint the user...

6.5 CVSS | 0.00335 EPSS
Exploits 0 | References 5

OSV
added 2025/11/04 2:15 a.m., 3 views

CVE-2025-43507

A privacy issue was addressed by moving sensitive data. This issue is fixed in watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. An app may be able to fingerprint the user...

6.5 CVSS | 5.7 AI score | 0.00335 EPSS
Exploits 0 | References 5

NVD
added 2025/11/04 2:15 a.m., 3 views

CVE-2025-43493

The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Visiting a malicious website may lead to address bar spoofing...

4.3 CVSS | 0.00341 EPSS
Exploits 0 | References 5

NVD
added 2025/11/04 2:15 a.m., 1 view

CVE-2025-43498

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data...

5.5 CVSS | 0.00172 EPSS
Exploits 0 | References 5

NVD
added 2025/11/04 2:15 a.m., 4 views

CVE-2025-43479

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...

5.5 CVSS | 0.00184 EPSS
Exploits 0 | References 3

OSV
added 2025/11/04 2:15 a.m., 3 views

CVE-2025-43493

The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Visiting a malicious website may lead to address bar spoofing...

4.3 CVSS | 5.8 AI score | 0.00341 EPSS
Exploits 0 | References 5

OSV
added 2025/11/04 2:15 a.m., 2 views

CVE-2025-43499

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access sensitive user data...

5.5 CVSS | 5.8 AI score | 0.00165 EPSS
Exploits 0 | References 4

OSV
added 2025/11/04 2:15 a.m., 3 views

CVE-2025-43477

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access sensitive user data...

5.5 CVSS | 5.7 AI score | 0.00174 EPSS
Exploits 0 | References 3

NVD
added 2025/11/04 2:15 a.m., 2 views

CVE-2025-43472

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to gain root privileges...

7.8 CVSS | 0.00173 EPSS
Exploits 1 | References 3

OSV
added 2025/11/04 2:15 a.m., 1 view

DEBIAN-CVE-2025-43458

This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3 CVSS | 5.6 AI score | 0.00538 EPSS
Exploits 0 | References 1

OSV
added 2025/11/04 2:15 a.m., 5 views

CVE-2025-43455

A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, watchOS 26.1, macOS Tahoe 26.1, visionOS 26.1. A malicious app may be able to take a screenshot of sensitive information in embedded views...

5.5 CVSS | 5.7 AI score | 0.00228 EPSS
Exploits 0 | References 4

OSV
added 2025/11/04 2:15 a.m., 4 views

CVE-2025-43458

This issue was addressed through improved state management. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3 CVSS | 5.8 AI score
Exploits 0 | References 7

OSV
added 2025/11/04 2:15 a.m., 2 views

CVE-2025-43450

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to learn information about the current camera view before being granted camera access...

7.5 CVSS | 5.8 AI score | 0.00354 EPSS
Exploits 0 | References 2

NVD
added 2025/11/04 2:15 a.m., 5 views

CVE-2025-43442

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to identify what other apps a user has installed...

3.3 CVSS | 0.00161 EPSS
Exploits 0 | References 2

NVD
added 2025/11/04 2:15 a.m., 3 views

CVE-2025-43438

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected Safari crash...

8.8 CVSS | 0.01007 EPSS
Exploits 0 | References 20