The vulnerability of the AutoGRAPH Web monitoring software platform lies in the insufficient protection of operational data, which allows attackers to disclose the protected information.

The vulnerability of the AutoGRAPH Web monitoring software platform lies in the insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by sending a specially crafted POST request...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Adobe Experience Manager content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Broker VM component in the Cortex XDR security platform, related to improper protection of the alternative path, allows a perpetrator to disclose protected information.

The vulnerability of the Broker VM component in the Cortex XDR security platform is related to improper protection of the alternative path. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

CVE-2025-43206

CVE-2025-43206 describes a local path traversal in macOS where directory-path parsing lacked sufficient validation. Fixed in macOS updates: Sequoia 15.6, Ventura 13.7.7, and Sonoma 14.7.7. The issue could let an app access protected user data due to improved path validation. The CVSS v3.1 base sc...

CVE-2025-43260

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps...

CVE-2025-43260

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps...

CVE-2025-43260

CVE-2025-43260 affects Apple macOS Sequoia (15.6) and macOS Sonoma (14.7.7). The issue could allow an app to hijack entitlements granted to other privileged apps, representing a local-attack surface with low confidentiality/ integrity impact per the provided metrics. The vulnerability is mitigate...

CVE-2025-43227

This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose sensitive user information...

CVE-2025-43195

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data...

CVE-2025-43198

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data...

CVE-2025-43198

The CVE-2025-43198 issue affects macOS Sequoia and macOS Sonoma; the vulnerability could allow an app to access protected user data. It has been addressed by removing the vulnerable code and is fixed in macOS Sequoia 15.6 and macOS Sonoma 14.7.7. The available documents do not specify the exact r...

CVE-2025-43185

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may be able to access protected user data...

CVE-2025-43185

CVE-2025-43185 relates to a downgrade issue in macOS Sequoia that could allow an app to access protected user data. The fixed version is macOS Sequoia 15.6, which implements additional code-signing restrictions to mitigate the issue. The public records describe the vulnerability as a downgrade/pa...

CVE-2025-43220

Apple CVE-2025-43220 relates to insufficient symlink validation. Affected products include iPadOS 17.7.9 and macOS 15.6 Sequoia, 14.7.7 Sonoma, and 13.7.7 Ventura. The issue may allow an app to access protected user data. It is addressed by Apple through updates to those OS versions (per the CVE ...

CVE-2025-43220

This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data...

CVE-2025-43243

CVE-2025-43243 is a macOS vulnerability describing a permissions issue that could allow an app to modify protected parts of the file system. The issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, and macOS Sonoma 14.7.7. According to the CVE entry, the CVSS v3.1 base score is 9.8 (CRITIC...

GO-2025-3818 Mattermost has Insufficiently Protected Credentials in github.com/mattermost/mattermost-server

Mattermost has Insufficiently Protected Credentials in github.com/mattermost/mattermost-server...