3151 matches found
PT-2025-51008
CVE-2025-43512 A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to elevate privileges. https://t.co/wsXeQ6FvMw...
PT-2025-51893
Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 macOS Tahoe versions prior to 26.2 visionOS versions prior to 26.2 webkit2gtk3 affected versions not specified wpewebkit affected versions not...
PT-2025-51019
Name of the Vulnerable Software and Affected Versions macOS versions prior to 14.8.3 macOS versions prior to 15.7.3 macOS version 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 Description An application may be able to access sensitive user data due to insufficient checks. The...
PT-2025-51023
Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7.3 Description A flaw exists in FaceTime on macOS Sequoia that could lead to the unintentional revelation of password fields when remotely controlling a device. The issue was caused by inconsistent user...
PT-2025-51010
Name of the Vulnerable Software and Affected Versions macOS Sonoma versions prior to 14.8.3 macOS Sequoia versions prior to 15.7.3 Description A flaw exists in session management. Improved checks have been implemented to address this issue. A user with Voice Control enabled may be able to...
Automated Penetration Testing with LLM Agents and Classical Planning
While penetration testing plays a vital role in cybersecurity, achieving fully automated, hands-off-the-keyboard execution remains a significant research challenge. In this paper, we introduce the "Planner-Executor-Perceptor PEP" design paradigm and use it to systematically review existing work a...
CVE-2025-31248
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data...
SUSE CVE-2025-43440
This issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-31216
The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to override managed Wi-Fi profiles...
CVE-2025-31216
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to override managed Wi-Fi profiles...
PT-2025-47804
Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.5 iPadOS versions prior to 17.7.7 and prior to 18.5 Description A security issue exists where an attacker with physical access to a device may be able to override managed Wi-Fi profiles. The issue was addressed with...
CVE-2025-43205
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to bypass ASLR...
EUVD-2025-116960
Malicious code in improvedmockingbirdz3n npm...
EUVD-2025-98064
Malicious code in improvedlocustz3n npm...
EUVD-2025-98063
Malicious code in improvedmandrillz3n npm...
EUVD-2025-74543
Malicious code in improvedtroutturquoise-61 npm...
EUVD-2025-74545
Malicious code in improvednewtyellow-96 npm...
EUVD-2025-76590
Malicious code in improvedraccoon-silentdev npm...
Malicious code in improved_catshark_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3235b01e5ca353316b13cb6aa439e56ea580059a15d7cd2d726ae11048bca637 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-79048
Malicious code in improvedcatsharkz3n npm...