CVE-2025-58131 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

CVE-2025-24887

OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the external flag on/off and change...

CVE-2025-24887

OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the external flag on/off and change...

CVE-2025-24887 OpenCTI bypass of protected attribute update

OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the external flag on/off and change...

PT-2024-8517 · Fortinet · Forticlient

Name of the Vulnerable Software and Affected Versions: FortiClient MacOS versions 7.4.0, 7.2.4 and below, 7.0.10 and below, 6.4.10 and below Description: The issue is related to an improper verification of cryptographic signature, which may allow a local authenticated attacker to swap the install...

CVE-2024-50341

symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack framework. The custom userchecker defined on a firewall is not called when Login Programmaticaly with the Security::login method, leading to...

Fortinet Fortigate RSA SSH host key lost at shutdown (FG-IR-22-228)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-228 advisory. - A key management error vulnerability CWE-320 affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below,...

Sensitive Auth & Cookie data stored in Jupyter server logs

Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server. Upgrade ...

Atlassian JIRA 6.4.x < 6.4.10 CSRF / XSRF (Bar Mitzvah)

Binary data 9736.prm...

Atlassian JIRA < 6.4.10 / 7.0.0-OD-02 MitM Plaintext Disclosure (Bar Mitzvah)

According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is prior to 6.4.10 or 7.0.0-OD-02. It is, therefore, potentially affected by a security feature bypass vulnerability, known as Bar Mitzvah, due to improper combination of state data with...