MAL-2025-47218 Malicious code in @crowdstrike/logscale-parser-edit (npm)

Suspicious postinstall script executing bundle.js and bundle.js contains excessive unsigned bitwise math, indicating potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff5e2fca0afc744f9b2cec20ddf740574c42864336447119ed7715555896bde9 Any computer that...

PT-2025-37967

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s io uring/kbuf subsystem related to signedness in the this len calculation. When importing and using buffers, the buf-len value is treated as unsigne...

CVE-2025-43321

The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data...

CVE-2025-43321

The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data...

CVE-2025-43321

The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data...

CVE-2025-43321

CVE-2025-43321 affects macOS Sequoia 15.7 and macOS Sonoma 14.8, fixed by blocking unsigned services from launching on Intel Macs. The issue could allow an app to access protected user data. Documents consistently indicate this remediation in the cited macOS updates (Sequoia 15.7, Sonoma 14.8) wi...

CVE-2025-43321

The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the vfio/type1 container not properly handling the lockedvm count when executing exec, which could result in...

PT-2025-37825

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.7 macOS versions prior to Sonoma 14.8 macOS versions prior to Tahoe 26 Description: An application may be able to access protected user data. The issue was resolved by blocking unsigned services from launchi...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that stems from an unsigned service that may access protected user data. The following versions are affected: macOS Sequoia prior ...

About the security content of macOS Tahoe 26

About the security content of macOS Tahoe 26 This document describes the security content of macOS Tahoe 26. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

About the security content of macOS Sequoia 15.7

About the security content of macOS Sequoia 15.7 About the security content of macOS Sequoia 15.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of macOS Sonoma 14.8

About the security content of macOS Sonoma 14.8 This document describes the security content of macOS Sonoma 14.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases ar...

CVE-2025-39795

In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...

CVE-2025-20248

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system...

AZL-74691 CVE-2025-39795 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...

DEBIAN-CVE-2025-39795

In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...

CVE-2025-39793

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: cast nrpages to sizet before shifting If the allocated size exceeds UINTMAX, then it's necessary to cast the mr-nrpages value to sizet to prevent it from overflowing. In practice this isn't much of a concern as th...

UBUNTU-CVE-2025-39793

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: cast nrpages to sizet before shifting If the allocated size exceeds UINTMAX, then it's necessary to cast the mr-nrpages value to sizet to prevent it from overflowing. In practice this isn't much of a concern as th...

BIT-KYVERNO-2022-47633

An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry or a man-in-the-middle attacker to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations a...