CVE tracker
@CVEtracker
275 subscribers
3.52K links
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
Download Telegram
About
Blog
Apps
Platform
Join
CVE tracker
275 subscribers
CVE tracker
CVE-2025-67818 - Weaviate Path Traversal File Write

CVE ID : CVE-2025-67818
Published : Dec. 12, 2025, 5:15 p.m. | 16 minutes ago
Description : An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path (e.g., /etc/...) or use parent directory traversal (../../..) to escape the restore root when a backup is restored, potentially creating or overwriting files in arbitrary locations within the application's privilege scope.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
11 views
CVE tracker
CVE-2025-67819 - Weaviate File Path Traversal

CVE ID : CVE-2025-67819
Published : Dec. 12, 2025, 5:15 p.m. | 16 minutes ago
Description : An issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer logic, an attacker who can call the GetFile method while a shard is in the "Pause file activity" state and the FileReplicationService is reachable can read arbitrary files accessible to the service process.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
11 views
CVE tracker
CVE-2025-43509 - Apple macOS Sensitive Data Exposure Vulnerability

CVE ID : CVE-2025-43509
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : This issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
9 views
CVE tracker
CVE-2025-43510 - Apple WatchOS Memory Corruption Vulnerability

CVE ID : CVE-2025-43510
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A memory corruption issue was addressed with improved lock state checking. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may cause unexpected changes in memory shared between processes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
9 views
CVE tracker
CVE-2025-43511 - Apple iOS Use-After-Free Vulnerability

CVE ID : CVE-2025-43511
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
7 views
CVE tracker
CVE-2025-43512 - "Apple macOS Privilege Escalation Vulnerability"

CVE ID : CVE-2025-43512
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to elevate privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
6 views
CVE tracker
CVE-2025-43513 - "Apple macOS Location Permissions Denial of Service"

CVE ID : CVE-2025-43513
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to read sensitive location information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
4 views
CVE tracker
CVE-2025-43516 - Apple Voice Control Session Management Authentication Bypass

CVE ID : CVE-2025-43516
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A session management issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. A user with Voice Control enabled may be able to transcribe another user's activity.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
5 views
CVE tracker
CVE-2025-43517 - Apple macOS Private Data Exposure

CVE ID : CVE-2025-43517
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access protected user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
5 views
CVE tracker
CVE-2025-43518 - "Apple macOS Spellcheck API File Access Vulnerability"

CVE ID : CVE-2025-43518
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to inappropriately access files through the spellcheck API.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
5 views
CVE tracker
CVE-2025-43519 - Apple macOS User Data Access Vulnerability

CVE ID : CVE-2025-43519
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
5 views
CVE tracker
CVE-2025-43520 - Apple WatchOS Memory Corruption Vulnerability

CVE ID : CVE-2025-43520
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
4 views
CVE tracker
CVE-2025-43521 - Intel-based Mac macOS Sequoia Code-Signing Downgrade Vulnerability

CVE ID : CVE-2025-43521
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
6 views
CVE tracker
CVE-2025-43522 - Intel-based Mac macOS Downgrade Code Signing Data Access

CVE ID : CVE-2025-43522
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access user-sensitive data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
6 views
CVE tracker
CVE-2025-43523 - Apple macOS Sequoia Data Access Vulnerability

CVE ID : CVE-2025-43523
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
6 views
CVE tracker
CVE-2025-43527 - "macOS Sequoia Privilege Escalation"

CVE ID : CVE-2025-43527
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to gain root privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
6 views
CVE tracker
CVE-2025-43530 - "Apple macOS App Sensitive Data Access Vulnerability"

CVE ID : CVE-2025-43530
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
6 views
CVE tracker
CVE-2025-43532 - Apple macOS Memory Corruption Vulnerability

CVE ID : CVE-2025-43532
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A memory corruption issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. Processing malicious data may lead to unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
5 views
CVE tracker
CVE-2025-43538 - Apple macOS Sonoma Logging Information Disclosure

CVE ID : CVE-2025-43538
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sonoma 14.8.3. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
5 views
CVE tracker
CVE-2025-43539 - Apple macOS Processing File Memory Corruption Vulnerability

CVE ID : CVE-2025-43539
Published : Dec. 12, 2025, 9:15 p.m. | 16 minutes ago
Description : The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. Processing a file may lead to memory corruption.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
5 views