CVE-2025-31281

CVE-2025-31281 affects Apple OSes including visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. It stems from an input validation/memory handling issue; processing a maliciously crafted file may cause an app to terminate unexpectedly. Affected versions should be updated to the ...

GHSA-Q78P-G86F-JG6Q Bugsink path traversal via event_id in ingestion

Summary In affected versions, ingestion paths construct file locations directly from untrusted eventid input without validation. A specially crafted eventid can result in paths outside the intended directory, potentially allowing file overwrite or creation in arbitrary locations. Submitting such...

Security Bulletin: Technical Support Appliance - possible security flaw in managing memory

Summary A flaw in the KASAN Kernel Address Sanitizer code may allow memory to be accessed that is no longer used, potentially exposing security related information. Vulnerability Details CVEID:CVE-2023-52922 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: can: bcm...

RLSA-2025:7540 Moderate: libjpeg-turbo security update

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Security Fixes: libjpeg-turbo:...

RLSA-2025:8743 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: um: Fix out-of-bounds read in LDT setup CVE-2022-49395 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refe...

RHSA-2025:11992 Red Hat Security Advisory: sqlite security update

Bulletin has no description...

RHSA-2025:11868 Red Hat Security Advisory: python-setuptools security update

Bulletin has no description...

RHSA-2025:11849 Red Hat Security Advisory: unbound security update

Bulletin has no description...

PT-2025-31258 · Unknown · Tuleap Enterprise Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.9.99.1750843170 Tuleap Enterprise Edition versions prior to 16.8-4 and 16.9-2 Description: Tuleap is an Open Source Suite created to facilitate management of software development and collaboration...

PT-2025-31222 · Hcl · Hcl Bigfix Remote Control Server Webui

Name of the Vulnerable Software and Affected Versions: HCL BigFix Remote Control Server WebUI versions 10.1.0.0248 and lower Description: Improper access restrictions in the WebUI allow non-admin users to view unauthorized information on certain web pages. Recommendations: Update HCL BigFix Remot...

Security Bulletin: NVIDIA Omniverse Launcher - July 2025

NVIDIA has released a software update for NVIDIA® Omniverse Launcher. To protect your system, download and install this software update from the Omniverse Launcher Overview Page. Go to NVIDIA Product Security...

PT-2025-31260 · Unknown · Tuleap Community Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.9.99.1751892857 Tuleap Enterprise Edition versions prior to 16.8-5 and 16.9-3 Description: Tuleap is an Open Source Suite created to facilitate management of software development and collaboration...

PT-2025-31280 · Apple · Macos Ventura +4

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.9 macOS Sequoia versions prior to 15.6 macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. An app may be able ...

PT-2025-31307 · Apple · Macos Ventura +4

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.9 macOS Sequoia versions prior to 15.6 macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 Description: A logging issue existed due to insufficient data redaction. This allowed an...

PT-2025-31334 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. An app may be able to break out of its sandbox. Recommendations: Update to...

PT-2025-31339 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 Description: A logic error was addressed with improved error handling. iCloud Private Relay may not activate when more than one user is logged in simultaneously. Recommendations: Update to version 15.6...

PT-2025-31167 · Switchbot · Switchbot App

Name of the Vulnerable Software and Affected Versions: SwitchBot App versions V6.24 through V9.12 Description: The SwitchBot App for iOS/Android contains a flaw that results in sensitive information being written to log files. Exploitation of this issue may allow an attacker with access to...

PT-2025-31232 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A race condition existed that was addressed with additional validation. This issue could allow an application to break out of its sandbox...

PT-2025-31315 · Apple · Macos Ventura 13.7.7 +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6 macOS versions prior to Sonoma 14.7.7 macOS versions prior to Ventura 13.7.7 Description: An out-of-bounds access issue exists due to insufficient bounds checking. Processing a maliciously crafted file may...

PT-2025-31266 · National Instruments · Ni Labview

Name of the Vulnerable Software and Affected Versions: NI LabVIEW versions 2025 Q1 and prior Description: A memory corruption issue exists due to improper input validation in the lvpict.cpp file. Successful exploitation requires a user to open a specially crafted VI, potentially leading to...