Aggregator

CVE-2023-40456 | Apple watchOS App access control

3 months 1 week ago

A vulnerability has been found in Apple watchOS and classified as critical. The affected element is an unknown function of the component App Handler. This manipulation causes improper access controls. This vulnerability is registered as CVE-2023-40456. The attack needs to be launched locally. No exploit is available. The affected component should be upgraded.

vuldb.com

CVE-2023-40456 | Apple tvOS App access control

Vuldb Updates

3 months 1 week ago

A vulnerability was found in Apple tvOS and classified as critical. The impacted element is an unknown function of the component App Handler. Such manipulation leads to improper access controls. This vulnerability is documented as CVE-2023-40456. The attack needs to be performed locally. There is not any exploit available. It is suggested to upgrade the affected component.

vuldb.com

CVE-2023-40520 | Apple iOS/iPadOS access control

Vuldb Updates

3 months 1 week ago

A vulnerability was found in Apple iOS and iPadOS. It has been classified as critical. This affects an unknown function. Performing manipulation results in improper access controls. This vulnerability is reported as CVE-2023-40520. The attack requires a local approach. No exploit exists. Upgrading the affected component is recommended.

vuldb.com

CVE-2023-40520 | Apple watchOS access control

Vuldb Updates

3 months 1 week ago

A vulnerability was found in Apple watchOS. It has been declared as critical. This impacts an unknown function. Executing manipulation can lead to improper access controls. This vulnerability appears as CVE-2023-40520. The attack requires local access. There is no available exploit. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-40455 | Apple macOS 13 permission

Vuldb Updates

3 months 1 week ago

A vulnerability marked as critical has been reported in Apple macOS 13. This issue affects some unknown processing. The manipulation leads to permission issues. This vulnerability is traded as CVE-2023-40455. An attack has to be approached locally. There is no exploit available. It is suggested to upgrade the affected component.

vuldb.com

CVE-2025-20304 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface cross site scripting (cisco-sa-ise-multiple-vulns-O9BESWJH / EUVD-2025-37882)

Vuldb Updates

3 months 1 week ago

A vulnerability marked as problematic has been reported in Cisco Identity Services Engine Software. The affected element is an unknown function of the component Web-based Management Interface. Performing manipulation results in cross site scripting. This vulnerability was named CVE-2025-20304. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

vuldb.com

CVE-2025-43493

CVE Trends

3 months 1 week ago

Currently trending CVE - Hype Score: 16 - The issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Visiting a malicious website may lead to address bar spoofing.

CVE-2025-43503

CVE Trends

3 months 1 week ago

Currently trending CVE - Hype Score: 16 - An inconsistent user interface issue was addressed with improved state management. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Visiting a malicious website may lead to user interface spoofing.

Iranian Hackers Targeting Academics and Foreign Policy Experts Using RMM Tools

Cyber Security News

3 months 1 week ago

A previously unidentified Iranian threat actor has emerged with sophisticated social engineering tactics aimed at academics and foreign policy experts across the United States. Operating between June and August 2025, this campaign demonstrates the evolving landscape of state-sponsored cyber espionage, where attackers blend traditional phishing techniques with legitimate remote management tools to compromise high-value targets. […]

The post Iranian Hackers Targeting Academics and Foreign Policy Experts Using RMM Tools appeared first on Cyber Security News.

Tushar Subhra Dutta

How a ransomware gang encrypted Nevada government's systems

Bleeping Computer.

3 months 1 week ago

The State of Nevada has completed its recovery from a ransomware attack it suffered on August 24, 2025, which impacted 60 state agencies, disrupting critical services related to health and public safety. [...]

Bill Toulas

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

Security Affairs

3 months 1 week ago

Cisco warns of a new attack variant exploiting CVE-2025-20333 and CVE-2025-20362 in Secure Firewall ASA and FTD devices. Cisco warned of a new attack variant targeting vulnerable Secure Firewall ASA and FTD devices by exploiting the vulnerabilities CVE-2025-20333 and CVE-2025-20362. “On November 5, 2025, Cisco became aware of a new attack variant against devices running […]

Pierluigi Paganini

AquaWomb — первая в мире коммерческая искусственная матка. Двойной мешок имитирует стенки, катетеры заменяют лёгкие

Securitylab.ru

3 months 1 week ago

Пока одни видят революцию в медицине, другие — угрозу самому понятию родительства.

Cisco security advisory (AV25-619) – Update 1

CCCS - Alerts and advisories

3 months 1 week ago

Canadian Centre for Cyber Security