9 matches found
EUVD-2025-12774
Malicious code in bioql PyPI...
EUVD-2025-12771
Malicious code in bioql PyPI...
CVE-2025-30422
A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...
Apple AirPlay SDK devices at risk of takeover—make sure you update
Researchers found a set of vulnerabilities in Apple’s AirPlay SDK that put billions of users at risk of their devices being taking over. AirPlay is Apple's proprietary wireless technology that allows you to stream audio, video, photos, and even mirror your device's screen from an iPhone, iPad, or...
CVE-2025-30422
A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination...
CVE-2025-30422
CVE-2025-30422 is a buffer overflow vulnerability in Apple’s AirPlay ecosystem (AirPlay audio SDK, AirPlay video SDK, and CarPlay Communication Plug-in). The issue, exploited by improper input handling, could allow an attacker on the same local network to trigger an unexpected application termina...
CVE-2025-24132
The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...
CVE-2025-24132
CVE-2025-24132 affects Apple AirPlay SDKs (AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126) and the CarPlay plug‑in (R18.1). The issue is described as a memory handling vulnerability that can cause an application to terminate when exploited from the local network. Public connected documents ...
Vulnerabilities fixed in Apple AirPlay as used by macOS, iOS and iPadOS
Apple has fixed vulnerabilities in AirPlay, as used in various Apple products including macOS, iOS and iPadOS. The vulnerabilities are exploited to cause a denial-of-service, bypass authentication and execute arbitrary code. To do this, the malicious party needs to send malicious content to a...