Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code...

Linux Distros Unpatched Vulnerability : CVE-2022-32933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the...

CVE-2025-43187

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Running an hdiutil command may unexpectedly execute arbitrary code...

CVE-2025-43187

Summary (CVE-2025-43187) This macOS-specific vulnerability arises from the hdiutil path where running the command may unexpectedly execute arbitrary code. The issue was mitigated by removing the vulnerable code and is fixed in macOS updates: Sonoma 14.7.7, Ventura 13.7.7, and Sequoia 15.6. The NV...

Missing Origin Validation in WebSockets

Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via the CheckOrigin function in the api/terminal.go file. An attacker can execute arbitrary commands on the target system by tricking an authenticated user into visiting a malicious web page that...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the parseline function. An attacker can cause a denial of service or cause unintended behavior by providing specially crafted input during processing. Remediation There is no fixed version for nasm...

CVE-2025-43274

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions...

CVE-2025-43274

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions...

CVE-2025-43274

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions...

CVE-2025-43222

A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An attacker may be able to cause unexpected app termination...

CVE-2025-43198

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data...

CVE-2025-43198

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data...

CVE-2025-43274

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions...

CVE-2025-43274

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions...

Assemblyline 4 service client vulnerable to Arbitrary Write through path traversal in Client code

Path-Traversal - Arbitrary File Write in Assemblyline Service Client IMPORTANT: This vulnerability is valid if you decide to use the assemblyline-service-client outside of the normal practice to using Assemblyline in a production environment. In practice, this code should always be executed withi...

CVE-2025-47097

CVE-2025-47097 affects Adobe InCopy 20.3, 19.5.3 and earlier. It describes an Integer Underflow (Wrap or Wraparound) that could allow arbitrary code execution in the context of the current user, requiring the victim to open a malicious file (UI: Required, Attack Vector: Local). The CVSS v3.1 scor...

CVE-2024-27824

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to elevate privileges...

CVE-2024-27800

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a maliciously crafted message may lead to a...

CVE-2024-40793

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. An app may be able to access user-sensitive data...

CVE-2024-44217

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication...