Lucene search
K

12 matches found

CVE
CVE
added 2026/02/11 10:58 p.m.63 views

CVE-2026-20700

CVE-2026-20700 is a memory corruption issue in dyld that Apple fixed in macOS Tahoe 26.3, iOS 26.3/iPadOS 26.3, tvOS 26.3, visionOS 26.3, and watchOS 26.3. An attacker with memory write capability could potentially execute arbitrary code; this may have been exploited in a targeted attack on earli...

7.8CVSS7.6AI score0.01319EPSS
In wildExploits4References6Affected Software6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-18428

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.01009EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6302

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0424EPSS
Exploits4References14
The Hacker News
The Hacker News
added 2025/09/16 11:6 a.m.11 views

Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack

Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 CVSS score: 8.8, an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a...

10CVSS7.5AI score0.19972EPSS
Exploits18
ATTACKERKB
ATTACKERKB
added 2025/04/16 12:0 a.m.10 views

CVE-2025-31201

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that...

9.8CVSS6AI score0.12358EPSS
In wildExploits4References5
NVD
NVD
added 2025/03/11 6:15 p.m.16 views

CVE-2025-24201

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4...

10CVSS0.0424EPSS
Exploits4References21
NVD
NVD
added 2025/02/10 7:15 p.m.22 views

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report...

6.1CVSS0.04906EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/02/10 7:4 p.m.14 views

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely...

3.8AI score0.04906EPSS
Exploits0References2
CISA
CISA
added 2024/12/18 12:0 p.m.10 views

CISA Releases Best Practice Guidance for Mobile Communications

Today, CISA released Mobile Communications Best Practice Guidance. The guidance was crafted in response to identified cyber espionage activity by People’s Republic of China PRC government-affiliated threat actors targeting commercial telecommunications infrastructure, specifically addressing...

7AI score
Exploits0References2
Talos Blog
Talos Blog
added 2023/08/09 12:0 p.m.14 views

What is commercial spyware?

Weve talked quite a bit about spyware recently, with very good reason. Recently, concerns have grown regarding the rapid growth of commercial spyware tools, and the way in which they are being used against their intended victims. This Need to Know article talk about the broader effects of spyware...

6.7AI score
Exploits0
HackRead
HackRead
added 2019/05/14 3:51 p.m.62 views

WhatsApp flaw lets hackers install spyware on iOS & Android devices

By Ryan De Souza It is unclear whether the WhatsApp vulnerability has been exploited or how many victims have been targeted. WhatsApp is used by roughly 1.5 billion people around the world, and the presence of a security hole that can be exploited for conducting spying on targeted individuals is...

1.3AI score
Exploits0
ThreatPost
ThreatPost
added 2014/09/08 3:0 p.m.9 views

New Timing Attack Could De-Anonymize Google Users

A new timing attack has been disclosed that could de-anonymize Google users under particular conditions. Google acknowledged the issue to researcher Andrew Cantino, the vice president of engineering at Mavenlink, but told him it would not address the issue because the risk is low. “I agree that...

0.5AI score
Exploits0References1
Rows per page
Query Builder