EUVD-2021-34832

Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger ...

CVE-2026-7957

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2019-25354 iSmartViewPro 1.3.34 - Denial of Service

iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices...

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer...

CVE-2023-4617

Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in versions...

OESA-2025-2879 usbmuxd security update

usbmuxd is a socket daemon to multiplex connections from and to iOS devices.It allows multiple services on the device to be accessed simultaneously. Security Fixes: A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.This issue affects usbmuxd: before...

CVE-2025-43531

A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...

EUVD-2010-1796

Malware in sbrugna...

EUVD-2008-3792

Malware in sbrugna...

EUVD-2025-8619

Malicious code in bioql PyPI...

EUVD-2022-27766

Malicious code in bioql PyPI...

CVE-2025-20363

A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance ASA Software, Cisco Secure Firewall Threat Defense FTD Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker Cisco ASA and FTD Software...

CVE-2025-43355

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause a denial-of-service...

Linux Distros Unpatched Vulnerability : CVE-2018-4089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. tvOS befor...

CVE-2025-20253

A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA Software, and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is due to the improper processing of...

PT-2025-30259 · Unknown · Two App Studio Journey

Name of the Vulnerable Software and Affected Versions: Two App Studio Journey version 5.5.9 Description: The application stores data in an unencrypted format within its database on iOS devices. This allows local attackers to extract sensitive information by directly accessing the application’s...

Vulnerabilities fixed in Zoom Clients

Zoom has fixed vulnerabilities in Zoom Clients Specifically versions for Linux, Windows, iOS and macOS. The vulnerabilities include incorrect certificate validation in Zoom Workplace for Linux, a buffer overflow in specific Zoom Clients for Windows, cross-site scripting in Zoom Clients for Window...

CVE-2020-35207

An issue was discovered in the LogMein LastPass Password Manager aka com.lastpass.ilastpass app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker could authenticate wi...

Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below - CVE-2025-24085 CVSS score: 7.3 - A use-after-free bug in the Core Medi...

CVE-2025-2909

The lack of encryption in the DuoxMe formerly Blue application binary in versions prior to 3.3.1 for iOS devices allows an attacker to gain unauthorised access to the application code and discover sensitive information...