Your Windows PC has a security deadline in June 2026

A Secure Boot certificate refresh is rolling out across supported Windows devices through Windows Update. In June 2026, the Secure Boot certificates that have shipped inside Windows since 2011 begin to expire, and Microsoft is replacing them with new 2023-dated certificates. The good news: If you...

Apple Security Update: iOS 12.5.8 and iPadOS 12.5.8

Apple recommends to install security update iOS 12.5.8 and iPadOS 12.5.8 on devices iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation...

Lexmark Printers Path Traversal (CVE-2018-18894)

Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers 7PK - Security Features (CVE-2019-10059)

The legacy finger service TCP port 79 is enabled by default on various older Lexmark devices. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Lexmark Printers Cross-site Scripting (CVE-2019-18791)

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser. This plugin only works with Tenable.ot. Please visit...

Lexmark Printers Cross-site Scripting (CVE-2019-19773)

Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&lo cale=en&userlocale=ENUS. This plugin only works with Tenable.ot. Please visit...

Lexmark Printers Cross-site Scripting (CVE-2019-19772)

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&lo cale=en&userlocale=ENUS. This plugin only works with Tenable.ot. Please visit...

ZK-SERIES: Privacy-Preserving Authentication Using Temporal Biometric Data

Biometric authentication relies on physiological or behavioral traits that are inherent to a user, making them difficult to lose, forge or forget. Biometric data with a temporal component enable the following authentication protocol: recent readings of the underlying biometrics are encoded as tim...

CVE-2019-19772

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content=TE935=en=ENUS...

PT-2024-3896

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.3 watchOS versions prior to 10.3 iOS versions prior to 17.3 iPadOS versions prior to 17.3 Description: The issue is related to the Apple Shortcuts app, where a shortcut may be able to use sensitive data with...

Apple Issues Urgent Security Update for Older iOS and iPadOS Models

Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked as CVE-2023-23529 , concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. It was originally addressed by the tech giant wi...

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when...

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when...

Apple releases security update for iPhones and iPads to address vulnerability

Apple has released a security update for iOS 12.5.6 to patch a remotely exploitable WebKit vulnerability that allows attackers to execute arbitrary code on unpatched devices. The WebKit zero-day that is known as CVE-2022-32893 was fixed for iOS 15.6.1, iPadOS 15.6, and macOS Monterey 12.5.1 on...

CVE-2022-0138

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created...

Gigaset Android Update Server Hacked to Install Malware on Users' Devices

Gigaset has revealed a malware infection discovered in its Android devices was the result of a compromise of a server belonging to an external update service provider. Impacting older smartphone models — GS100, GS160, GS170, GS180, GS270 plus, and GS370 plus series — the malware took the form of...

CVE-2020-24655

A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices effectively bypassing the PIN requirement...

Unspecified Vulnerability in Comba Telecom AP2600-I

Comba Telecom AP2600-I is a wireless access point device from Comba Telecom India. A security vulnerability exists in the upcfgAction.php file in Comba Telecom AP2600-I devices A02,0202N00PD2 and earlier versions, which can be exploited by a remote attacker with the help of a specially crafted...

CVE-2018-18894

Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server...

CVE-2019-19772

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...