Aggregator

CVE-2024-54539 | Apple macOS up to 13.6/14.6/15.1 Keyboard Event state issue (WID-SEC-2024-3692)

Vuldb Updates
2 months 1 week ago
A vulnerability, which was classified as problematic, was found in Apple macOS up to 13.6/14.6/15.1. This impacts an unknown function of the component Keyboard Event Handler. Executing manipulation can lead to state issue. The identification of this vulnerability is CVE-2024-54539. The attack can only be executed locally. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2024-54536 | Apple macOS up to 15.1 NVRAM Variable access control (WID-SEC-2024-3692)

Vuldb Updates
2 months 1 week ago
A vulnerability labeled as critical has been found in Apple macOS up to 15.1. Affected is an unknown function of the component NVRAM Variable Handler. Executing manipulation can lead to improper access controls. This vulnerability is tracked as CVE-2024-54536. The attack is restricted to local execution. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2024-54531 | Apple macOS up to 15.1 kASLR memory corruption (WID-SEC-2024-3692)

Vuldb Updates
2 months 1 week ago
A vulnerability identified as critical has been detected in Apple macOS up to 15.1. The affected element is an unknown function of the component kASLR. Performing manipulation results in memory corruption. This vulnerability is cataloged as CVE-2024-54531. The attack must be initiated from a local position. There is no exploit available. You should upgrade the affected component.
vuldb.com

Qilin

Dark Feed IO
2 months 1 week ago

You must login to view this content

cohenido

Qilin

Dark Feed IO
2 months 1 week ago

You must login to view this content

cohenido

CVE-2025-49596

CVE Trends
2 months 1 week ago
Currently trending CVE - Hype Score: 8 - The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP ...

Qilin

Dark Feed IO
2 months 1 week ago

You must login to view this content

cohenido

CVE-2025-9747 | Koillection up to 1.6.18 csrf_protection_controller.js cross-site request forgery (Issue 1393 / EUVD-2025-26312)

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in Koillection up to 1.6.18 and classified as problematic. Affected is an unknown function of the file assets/controllers/csrf_protection_controller.js. Such manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2025-9747. The attack can be executed remotely. Additionally, an exploit exists. It is suggested to upgrade the affected component. The vendor explains: "I ended up switching to a newer CSRF handling using stateless token."
vuldb.com

Exciting Developments in Cloud-Native Security

Security Boulevard
2 months 1 week ago

Why are Cybersecurity Professionals Excited About Cloud-Native Advancements? Is it possible that the future of cybersecurity lies in the cloud? The answer, increasingly, is a resounding yes. Cloud-native advancements have ignited a spark in the sector, particularly in Non-Human Identities (NHIs) and Secrets Security Management. I’ve gathered a lot of data-driven insights that highlight the […]

The post Exciting Developments in Cloud-Native Security appeared first on Entro.

The post Exciting Developments in Cloud-Native Security appeared first on Security Boulevard.

Alison Mack

Building Trust with Robust NHIs Management

Security Boulevard
2 months 1 week ago

Why is Holistic NHI Management Indispensable for Robust Systems? Amidst the complex labyrinth of cybersecurity management, have you ever considered the strategic importance of NHIs and their implications on building a robust system? Non-Human Identities (NHIs) and the management of their corresponding ‘Secrets’ form a critical component in ensuring end-to-end protection. Their relevance transcends across […]

The post Building Trust with Robust NHIs Management appeared first on Entro.

The post Building Trust with Robust NHIs Management appeared first on Security Boulevard.

Alison Mack

Top 10 Best Web Application Penetration Testing Companies in 2025

Cyber Security News
2 months 1 week ago

Web application penetration testing in 2025 goes beyond a simple, one-time assessment. The top companies combine human expertise with automation and intelligent platforms to provide continuous, on-demand testing. The rise of Penetration Testing as a Service (PTaaS) and bug bounty programs reflects this evolution, offering flexible, scalable, and real-time security testing that keeps pace with […]

The post Top 10 Best Web Application Penetration Testing Companies in 2025 appeared first on Cyber Security News.

Cyber Advisory

Top 10 Attack Surface Management Software Solutions In 2025

Cyber Security News
2 months 1 week ago

Attack Surface Management (ASM) is a proactive security discipline focused on continuously discovering, analyzing, and reducing an organization’s external-facing digital footprint. In 2025, with the proliferation of cloud services, remote work, and supply chain dependencies, an organization’s attack surface has grown exponentially. Top ASM solutions have evolved beyond simple asset inventory to provide AI-driven risk […]

The post Top 10 Attack Surface Management Software Solutions In 2025 appeared first on Cyber Security News.

Cyber Advisory

Managed ad