CVE Feeds
Latest CVEs
Updates on the latest vulnerabilities detected.
-
CVE-2025-14611 - Gladinet CentreStack and TrioFox Hard Coded AES Keys
CVE ID :CVE-2025-14611
Published : Dec. 12, 2025, 9:01 p.m. | 18 minutes ago
Description :Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication. This opens the door for future exploitation and can be leveraged with previous vulnerabilities to gain a full system compromise.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43518 - "Apple macOS Spellcheck API File Access Vulnerability"
CVE ID :CVE-2025-43518
Published : Dec. 12, 2025, 8:57 p.m. | 22 minutes ago
Description :A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to inappropriately access files through the spellcheck API.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43522 - Intel-based Mac macOS Downgrade Code Signing Data Access
CVE ID :CVE-2025-43522
Published : Dec. 12, 2025, 8:57 p.m. | 22 minutes ago
Description :A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access user-sensitive data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43467 - macOS Safari Privilege Escalation Vulnerability
CVE ID :CVE-2025-43467
Published : Dec. 12, 2025, 8:57 p.m. | 22 minutes ago
Description :This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to gain root privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43471 - Apple macOS Tahoe File System Access Vulnerability (Information Disclosure)
CVE ID :CVE-2025-43471
Published : Dec. 12, 2025, 8:57 p.m. | 22 minutes ago
Description :The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43406 - Apple macOS Tahoe Data Access Vulnerability
CVE ID :CVE-2025-43406
Published : Dec. 12, 2025, 8:57 p.m. | 22 minutes ago
Description :A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43410 - "Apple Notes Information Disclosure Vulnerability"
CVE ID :CVE-2025-43410
Published : Dec. 12, 2025, 8:57 p.m. | 22 minutes ago
Description :The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2. An attacker with physical access may be able to view deleted notes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43538 - Apple macOS Sonoma Logging Information Disclosure
CVE ID :CVE-2025-43538
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sonoma 14.8.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43539 - Apple macOS Processing File Memory Corruption Vulnerability
CVE ID :CVE-2025-43539
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. Processing a file may lead to memory corruption.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43542 - Apple FaceTime Password Disclosure Vulnerability
CVE ID :CVE-2025-43542
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :This issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.3. Password fields may be unintentionally revealed when remotely controlling a device over FaceTime.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43470 - Apple macOS Disk Image File Viewing Permission Vulnerability
CVE ID :CVE-2025-43470
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43523 - Apple macOS Sequoia Data Access Vulnerability
CVE ID :CVE-2025-43523
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43466 - Apple macOS SQLite Injection
CVE ID :CVE-2025-43466
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43519 - Apple macOS User Data Access Vulnerability
CVE ID :CVE-2025-43519
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43512 - "Apple macOS Privilege Escalation Vulnerability"
CVE ID :CVE-2025-43512
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to elevate privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43416 - Apple macOS Logic Flaw Allows Protected User Data Access
CVE ID :CVE-2025-43416
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access protected user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43482 - Apple macOS Denial-of-Service Vulnerability
CVE ID :CVE-2025-43482
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :The issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to cause a denial-of-service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-46287 - Apple FaceTime Spoofing Vulnerability
CVE ID :CVE-2025-46287
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An attacker may be able to spoof their FaceTime caller ID.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43494 - Apple Mail Header Parsing Denial-of-Service Vulnerability
CVE ID :CVE-2025-43494
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :A mail header parsing issue was addressed with improved checks. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. An attacker may be able to cause a persistent denial-of-service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-43461 - Apple macOS Tahoe Symbolic Link Validation Vulnerability (Data Access)
CVE ID :CVE-2025-43461
Published : Dec. 12, 2025, 8:56 p.m. | 22 minutes ago
Description :This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Information
Vortech Consulting is a network security and design consulting firm originally founded in 1997. Over our nearly 30 year history we have provided security services and products for a wide variety of companies around the globe.
Company
Who's Online
We have 576 guests and no members online