CVE-2025-20305

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrato...

CVE-2025-20305

Cisco ISE (web-based management interface) contains an information-disclosure vulnerability where certain files lack proper data protection, enabling an authenticated, read-only administrator to view passwords normally hidden to that role. Impact is limited to confidentiality (viewing sensitive c...

Apple patches 50 security flaws—update now

Apple has released security updates for iPhones, iPads, Macs, Apple Watches, Apple TVs, Safari, and Xcode, fixing nearly 50 security flaws. Some of these bugs could let cybercriminals see your private data, take control of parts of your device, or break key security protections. Installing these...

CVE-2025-43500

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to access sensitive user data...

CVE-2025-43395

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access protected user data...

CVE-2025-43422

The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection...

PT-2025-45127

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrato...

Cisco Identity Services Engine 安全漏洞

Cisco Identity Services Engine Cisco ISE is an environment-aware platform ISE Identity Services Engine from Cisco USA. The platform collects real-time information from the network, users, and devices, and develops and enforces policies to regulate the network. A security vulnerability exists in t...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988684)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988684 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix general protection fault in nilfsbtreeinsert If nilfs2 reads a corrupted disk image a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989184 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989727 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989067)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989067 advisory. In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionall...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989563)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989563 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990353 advisory. In the Linux kernel, the following vulnerability has been resolved: leds: class: Protect brightnessshow with ledcdev-ledaccess mutex There is NULL pointer issue...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988737)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988737 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989196 advisory. In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot has reported GPF in sgallocappendtablefrompages. The...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989863)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989863 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Clean up hash directfunctions on register failures We see the following GPF when...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988716)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988716 advisory. In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst null pointer dereference This patch fixes a tunneldst null point...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988945)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988945 advisory. In the Linux kernel, the following vulnerability has been resolved: Add exception protection processing for vd in axichanhandleerr function Since there is no...

CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera

The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...