8006 matches found
CVE-2025-46287
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An attacker may be able to spoof their FaceTi...
PT-2025-51026
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.8.3; macOS versions prior to 15.7.3. Description: An issue with inconsistent user interface state management could allow an attacker to spoof their FaceTime caller ID. There are no reports of active exploits...
PT-2025-51040
A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this...
PT-2025-51039
Name of the Vulnerable Software and Affected Versions: Airflow versions prior to 3.1.4; Airflow versions prior to 2.11.1. Description: A flaw exists in Airflow where the user interface (UI) error reporting could expose sensitive information passed as keyword arguments (kwargs) to operators when a Directe...
CVE-2025-13954
Hard-coded cryptographic keys in the Admin UI of EZCast Pro II before version 1.17478.177 allow attackers to bypass authorization checks and gain full access to the admin UI...
CVE-2025-12029 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.11 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have, under certain circumstances, allowed an unauthenticated user to perform unauthorized actions on behalf of another user by injecting malicious...
PT-2025-50793
Name of the Vulnerable Software and Affected Versions: pdfforge PDF Architect (affected versions not specified). Description: A flaw exists in the Launch action implementation of pdfforge PDF Architect, allowing remote attackers to execute arbitrary code. User interaction is required, specifically the...
PT-2025-50792
Name of the Vulnerable Software and Affected Versions: pdfforge PDF Architect (affected versions not specified). Description: This issue allows remote attackers to execute arbitrary code on affected installations of pdfforge PDF Architect. User interaction is required, specifically the target must vis...
PT-2025-50791
Name of the Vulnerable Software and Affected Versions: Soda PDF Desktop (affected versions not specified). Description: A flaw exists in the implementation of the Launch action within Soda PDF Desktop, allowing remote attackers to execute arbitrary code on affected installations. User interaction is...
PT-2025-50780
Name of the Vulnerable Software and Affected Versions: PDFsam Enhanced (affected versions not specified). Description: A flaw exists in PDFsam Enhanced related to the Launch action, allowing remote attackers to execute arbitrary code. User interaction is required, specifically the target must visit a...
FreeBSD : Gitlab -- vulnerabilities (c6c9306e-d645-11f0-8ce2-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c6c9306e-d645-11f0-8ce2-2cf05da270f3 advisory. Gitlab reports: Cross-site scripting issue in Wiki impacts GitLab CE/EE; Improper encoding in...
libreps-exploit
LibrePS is the most advanced and stable PS4 exploit software for...
CVE-2025-64667
User interface (UI) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
PT-2025-54575
Name of the Vulnerable Software and Affected Versions: Google Chrome (affected versions not specified). Description: A user interface issue in Google Chrome may not adequately warn users about unsafe actions. Remote attackers could potentially bypass existing security restrictions by exploiting this...
EUVD-2025-201892
A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm...