CVE-2025-43321

The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data...

CVE-2025-43321

The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data...

CVE-2025-43321

CVE-2025-43321 affects macOS Sequoia 15.7 and macOS Sonoma 14.8, fixed by blocking unsigned services from launching on Intel Macs. The issue could allow an app to access protected user data. Documents consistently indicate this remediation in the cited macOS updates (Sequoia 15.7, Sonoma 14.8) wi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the vfio/type1 container not properly handling the lockedvm count when executing exec, which could result in...

PT-2025-37825

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.7 macOS versions prior to Sonoma 14.8 macOS versions prior to Tahoe 26 Description: An application may be able to access protected user data. The issue was resolved by blocking unsigned services from launchi...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that stems from an unsigned service that may access protected user data. The following versions are affected: macOS Sequoia prior ...

About the security content of macOS Sequoia 15.7

About the security content of macOS Sequoia 15.7 About the security content of macOS Sequoia 15.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of macOS Tahoe 26

About the security content of macOS Tahoe 26 This document describes the security content of macOS Tahoe 26. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

About the security content of macOS Sonoma 14.8

About the security content of macOS Sonoma 14.8 This document describes the security content of macOS Sonoma 14.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases ar...

CVE-2025-39795

In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...

CVE-2025-20248

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system...

AZL-74691 CVE-2025-39795 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...

DEBIAN-CVE-2025-39795

In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...

CVE-2025-39793

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: cast nrpages to sizet before shifting If the allocated size exceeds UINTMAX, then it's necessary to cast the mr-nrpages value to sizet to prevent it from overflowing. In practice this isn't much of a concern as th...

UBUNTU-CVE-2025-39793

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: cast nrpages to sizet before shifting If the allocated size exceeds UINTMAX, then it's necessary to cast the mr-nrpages value to sizet to prevent it from overflowing. In practice this isn't much of a concern as th...

BIT-KYVERNO-2022-47633

An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations a...

Cisco IOS XR Data Forgery Issue Vulnerability (CNVD-2025-21252)

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from a data forgery vulnerability that arises from incomplete file validation during installation, which can be exploited by an attacker to cause unsigned...

Cisco IOS XR Software Image Verification Bypass (cisco-sa-xrsig-UY4zRUCG)

According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an...

Vulnerabilities fixed in Cisco IOS XR Software

Cisco has fixed vulnerabilities in Cisco IOS XR Software. The vulnerabilities are in how Cisco IOS XR Software handles management interface ACL processing, the installation process and ARP implementation. A malicious party can exploit these vulnerabilities to bypass configured access control list...

CVE-2025-20248

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system...