PT-2026-39791

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. Processing a maliciously crafted file may lead to unexpected app termination...

PT-2026-27541

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.7 iPadOS versions prior to 18.7.7 iOS versions prior to 26.4 iPadOS versions prior to 26.4 macOS Sequoia versions prior to 15.7.5 macOS Tahoe versions prior to 26.4 tvOS versions prior to 26.4 watchOS versions prior ...

EUVD-2026-8642

zae-limiter: DynamoDB hot partition throttling enables per-entity Denial of Service...

CVE-2026-1737

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function sgwcs5chandlecreatebearerrequest of the file /src/sgwc/s5c-handler.c of the component CreateBearerRequest Handler. Performing a manipulation results in reachable assertion. Remote exploitation of the attack ...

EUVD-2024-25019

Malicious code in bioql PyPI...

SUSE CVE-2025-31273

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...

CVE-2025-38276

In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fix "don't skip locked entries when scanning entries" Commit 6be3e21d25ca "fs/dax: don't skip locked entries when scanning entries" introduced a new function, waitentryunlockedexclusive, which waits for the current entry ...

CVE-2025-38102

In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify During our test, it is found that a warning can be trigger in trygrabfolio as follow: ------------ cut here ------------ WARNING: CPU: 0 PID: 1678 at mm/gup.c:147...

CVE-2024-44139

The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen...

CVE-2020-9965

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges...

CVE-2019-8662

This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21631)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21631 advisory. - In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix wakerbfqq UAF after...

CVE-2023-53067

CVE-2023-53067: Concrete details in connected docs show a LoongArch Linux kernel issue where get_timer_irq() is invoked multiple times in constant_clockevent_init(), causing a sleeping function to be called from an invalid context under CONFIG_DEBUG_ATOMIC_SLEEP=y and CONFIG_DEBUG_PREEMPT=y. The ...

CVE-2025-22121 ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...

CVE-2025-31282

Affected software: Trend Vision One (Trend Micro) — Trend Vision One User Account component. Description from connected documents confirms a broken access control flaw that could let an administrator create users who then change the account’s role, enabling privilege escalation. Root cause identi...

CVE-2025-24178

This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to break out of its sandbox...

CVE-2023-53015 HID: betop: check shape of output reports

In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopffinit only checks the total sum of the report counts for each report field to be at least 4, but hidbetopffplay expects 4 report fields. A device advertising an output report with o...

CVE-2025-29768 Vim vulnerable to potential data loss with zip.vim and special crafted zip files

Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...

CVE-2024-27284

cassandra-rs is a Cassandra CQL driver for Rust. Code that attempts to use an item e.g., a row returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0...

CVE-2025-0518

Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed: ...