CVE Feeds

CVE News Feed

Updates on the latest vulnerabilities detected.
  • CVE ID :CVE-2025-59437
    Published : 16 septembre 2025 00:00 | 2 heures, 16 minutes ago
    Description :The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection attempts to the IP address 0 (interpreted as 0.0.0.0) are blocked with error messages such as net::ERR_ADDRESS_INVALID. However, in some situations that depend on both application version and operating system, connection attempts to 0 and 0.0.0.0 are considered connection attempts to 127.0.0.1 (and, for this reason, a false value of isPublic would be preferable).
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-59436
    Published : 16 septembre 2025 00:00 | 2 heures, 16 minutes ago
    Description :The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43375
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :The issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43372
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :The issue was addressed with improved input validation. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43371
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43370
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43369
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43368
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43367
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43366
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43362
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without user permission.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43359
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a local interface may become bound to all interfaces.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43358
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, iOS 18.7 and iPadOS 18.7, macOS Tahoe 26, iOS 26 and iPadOS 26. A shortcut may be able to bypass sandbox restrictions.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43357
    Published : 15 septembre 2025 23:15 | 3 heures ago
    Description :This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to fingerprint the user.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43356
    Published : 15 septembre 2025 23:15 | 3 heures, 1 minute ago
    Description :The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43355
    Published : 15 septembre 2025 23:15 | 3 heures, 1 minute ago
    Description :A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause a denial-of-service.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43354
    Published : 15 septembre 2025 23:15 | 3 heures, 1 minute ago
    Description :A logging issue was addressed with improved data redaction. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43353
    Published : 15 septembre 2025 23:15 | 3 heures, 1 minute ago
    Description :The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. Processing a maliciously crafted string may lead to heap corruption.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43349
    Published : 15 septembre 2025 23:15 | 3 heures, 1 minute ago
    Description :An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a maliciously crafted video file may lead to unexpected app termination.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...
  • CVE ID :CVE-2025-43347
    Published : 15 septembre 2025 23:15 | 3 heures, 1 minute ago
    Description :This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An input validation issue was addressed.
    Severity: 0.0 | NA
    Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Information

Vortech Consulting is a network security and design consulting firm originally founded in 1997. Over our nearly 30 year history we have provided security services and products for a wide variety of companies around the globe.

Who's Online

We have 563 guests and no members online