🚨 CVE-2025-24111
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3 and iPadOS 18.3, tvOS 18.3, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
🎖@cveNotify
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3 and iPadOS 18.3, tvOS 18.3, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination.
🎖@cveNotify
Apple Support
About the security content of iOS 18.3 and iPadOS 18.3 - Apple Support
This document describes the security content of iOS 18.3 and iPadOS 18.3.
🚨 CVE-2025-24142
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access sensitive user data.
🎖@cveNotify
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access sensitive user data.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.5 - Apple Support
This document describes the security content of macOS Sequoia 15.5.
🚨 CVE-2025-24144
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Ventura 13.7.6, iOS 18.3 and iPadOS 18.3, tvOS 18.3. An app may be able to leak sensitive kernel state.
🎖@cveNotify
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Ventura 13.7.6, iOS 18.3 and iPadOS 18.3, tvOS 18.3. An app may be able to leak sensitive kernel state.
🎖@cveNotify
Apple Support
About the security content of iOS 18.3 and iPadOS 18.3 - Apple Support
This document describes the security content of iOS 18.3 and iPadOS 18.3.
🚨 CVE-2025-24155
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to disclose kernel memory.
🎖@cveNotify
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to disclose kernel memory.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.3 - Apple Support
This document describes the security content of macOS Sequoia 15.3.
🚨 CVE-2025-24220
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4. An app may be able to read a persistent device identifier.
🎖@cveNotify
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4. An app may be able to read a persistent device identifier.
🎖@cveNotify
Apple Support
About the security content of iOS 18.4 and iPadOS 18.4 - Apple Support
This document describes the security content of iOS 18.4 and iPadOS 18.4.
🚨 CVE-2025-24222
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5. Processing maliciously crafted web content may lead to an unexpected process crash.
🎖@cveNotify
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5. Processing maliciously crafted web content may lead to an unexpected process crash.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.5 - Apple Support
This document describes the security content of macOS Sequoia 15.5.
🚨 CVE-2024-28339
An information leak in the debuginfo.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required.
🎖@cveNotify
An information leak in the debuginfo.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required.
🎖@cveNotify
GitHub
IoT-vuls/Netgear CBR40\CBK40\CBK43/Info Leak in Netgear-CBR40、CBK40、CBK43 Router(debuginfo.htm).md at main · funny-mud-peee/IoT…
iot-vuls. Contribute to funny-mud-peee/IoT-vuls development by creating an account on GitHub.
🚨 CVE-2024-28340
An information leak in the currentsetting.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required.
🎖@cveNotify
An information leak in the currentsetting.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required.
🎖@cveNotify
GitHub
IoT-vuls/Netgear CBR40\CBK40\CBK43/Info Leak in Netgear-CBR40、CBK40、CBK43 Router(currentsetting.htm).md at main · funny-mud-peee/IoT…
iot-vuls. Contribute to funny-mud-peee/IoT-vuls development by creating an account on GitHub.
🚨 CVE-2024-30808
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_SubStream::~AP4_SubStream at Ap4ByteStream.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
🎖@cveNotify
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_SubStream::~AP4_SubStream at Ap4ByteStream.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
🎖@cveNotify
GitHub
heap-use-after-free with ASAN in mp42ts · Issue #937 · axiomatic-systems/Bento4
Dear Bento4 developers, I used AFL++ to fuzz test Bento4 and found some problems. To debug a program built with ASan, here is some output BUG1 ======================================================...
🚨 CVE-2024-30809
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample.h in AP4_Sample::GetOffset() const, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
🎖@cveNotify
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample.h in AP4_Sample::GetOffset() const, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
🎖@cveNotify
GitHub
heap-use-after-free with ASAN in mp42ts · Issue #937 · axiomatic-systems/Bento4
Dear Bento4 developers, I used AFL++ to fuzz test Bento4 and found some problems. To debug a program built with ASan, here is some output BUG1 ======================================================...
🚨 CVE-2020-25730
Cross Site Scripting (XSS) vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHP_SELF component in classic/views/download.php.
🎖@cveNotify
Cross Site Scripting (XSS) vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHP_SELF component in classic/views/download.php.
🎖@cveNotify
GitHub
Fix xss reported by Noccolo Picca relating to not sanitizing connkey · ZoneMinder/zoneminder@9268db1
ZoneMinder is a free, open source Closed-circuit television software application developed for Linux which supports IP, USB and Analog cameras. - Fix xss reported by Noccolo Picca relating to not sanitizing connkey · ZoneMinder/zoneminder@9268db1
🚨 CVE-2024-22949
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
🚨 CVE-2023-44857
An issue in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the sub_21D24 function in the acu_web component.
🎖@cveNotify
An issue in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the sub_21D24 function in the acu_web component.
🎖@cveNotify
pine-amphibian-9b9 on Notion
SAILOR Ku Software RCE and Privilege Escalation - Statistics report | Notion
Vulnerability Title : SAILOR Ku Software RCE and Privilege Escalation - Diagnostics report
Vulnerability Summary : In Reporting page, We can exploit using OS Command Injection in sender and recipients input value
Manufacturer : cobham
Software Name : SAILOR…
Vulnerability Summary : In Reporting page, We can exploit using OS Command Injection in sender and recipients input value
Manufacturer : cobham
Software Name : SAILOR…
🚨 CVE-2022-29181
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
🎖@cveNotify
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.
🎖@cveNotify
GitHub
fix: {HTML4,XML}::SAX::{Parser,ParserContext} check arg types · sparklemotion/nokogiri@83cc451
Previously, arguments of the wrong type might cause segfault on CRuby.
🚨 CVE-2022-35024
OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.
🎖@cveNotify
OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.
🎖@cveNotify
🚨 CVE-2022-37234
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy.
🎖@cveNotify
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy.
🎖@cveNotify
🚨 CVE-2022-31937
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd.
🎖@cveNotify
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd.
🎖@cveNotify
🚨 CVE-2022-40087
Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents(). This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
🎖@cveNotify
Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents(). This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
🎖@cveNotify
Medium
Simple College Website 1.0 — Unauthenticated Arbitrary File Upload RCE
Simple College Website 1.0 was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution.
🚨 CVE-2023-44856
Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the rstat, sender, and recipients' parameters of the sub_21D24 function in the acu_web file.
🎖@cveNotify
Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the rstat, sender, and recipients' parameters of the sub_21D24 function in the acu_web file.
🎖@cveNotify
pine-amphibian-9b9 on Notion
[ENG] SAILOR Ku Software XSS - Statistics report | Notion
Vulnerability Title : SALIOR Ku Software XSS - Statistics report
🚨 CVE-2023-40491
Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21439.
🎖@cveNotify
Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21439.
🎖@cveNotify
Zerodayinitiative
ZDI-23-1191
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability