Full Disclosure

Unauthenticated Blind SQL Injection | RSI queue management system - V 3.0 | CVE-2025-26086

Posted by Shaikh Shahnawaz on May 16

[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC
[+] twitter.com/_striv3r_

[Vendor of Product]
RSI Queue (https://www.rsiqueue.com/)

[Vulnerability Type]
Blind SQL Injection

[Affected Component]
The vulnerable component is the TaskID parameter in the get request.

[CVE Reference]
CVE-2025-26086

[Security Issue]
An unauthenticated blind SQL injection vulnerability exists in RSI Queue
Management System v3.0 within the...

CVE-2025-30072 Tiiwee X1 Alarm System - Authentication Bypass by Capture-replay

Posted by Sebastian Auwärter via Fulldisclosure on May 16

Advisory ID: SYSS-2025-006
Product: Tiiwee X1 Alarm System
Manufacturer: Tiiwee B.V.
Affected Version(s): TWX1HAKV2
Tested Version(s): TWX1HAKV2
Vulnerability Type: Authentication Bypass by Capture-replay
(CWE-294)
Risk Level: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Solution Status: Open
Manufacturer Notification: 2025-01-27...

SEC Consult SA-20250506-0 :: Honeywell MB Secure Authenticated Command Injection

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16

SEC Consult Vulnerability Lab Security Advisory < 20250507-0 >
=======================================================================
title: Authenticated Command Injection
product: Honeywell MB-Secure
vulnerable version: MB-Secure versions from V11.04 and prior to V12.53,
MB-Secure PRO versions from V01.06 and prior to V03.09
fixed version: MB-Secure v12.53, MB-Secure PRO v03.09
CVE number:...

SEC Consult SA-20250429-0 :: Multiple Vulnerabilities in HP Wolf Security Controller and more

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16

SEC Consult Vulnerability Lab Security Advisory < publishing date 20250429-0 >
Combined Security Advisory for Sure Access Enterprise and Sure Click Enterprise
=======================================================================
title: Multiple Vulnerabilities
product: HP Wolf Security Controller / HP Sure Access Enterprise /
HP Sure Click Enterprise
vulnerable version: HP Wolf Security...

SEC Consult SA-20250422-0:: Local Privilege Escalation via DLL Search Order Hijacking

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16

SEC Consult Vulnerability Lab Security Advisory < 20250422-0 >
=======================================================================
title: Local Privilege Escalation via DLL Search Order Hijacking
product: Ivanti Endpoint Manager Security Scan (Vulscan) Self
Update
vulnerable version: EPM 2022 SU6 and previous, EPM 2024
fixed version: EPM 2022 SU7 and EPM 2024 SU1
CVE number: CVE-2025-22458...

Session Invalidation in Economizzer Allows Unauthorized Access After Logout

Posted by Ron E on May 16

A session management vulnerability exists in gugoan's Economizzer
v.0.9-beta1. The application fails to properly invalidate user sessions
upon logout or other session termination events. As a result, a valid
session remains active and usable even after the user has attempted to log
out.

POST /web/category/create HTTP/2

Host: <host>

Cookie: _economizzerSessionId=<<REDACTED>>;

Persistent Cross-Site Scripting in Economizzer Category Entry

Posted by Ron E on May 16

A persistent cross-site scripting (XSS) vulnerability exists in gugoan's
Economizzer v.0.9-beta1. The application fails to properly sanitize
user-supplied input when creating a new category via the
*category/create* endpoint.
An attacker can inject malicious JavaScript payloads that are permanently
stored and later executed in the context of any user who views the affected
entry.

https://<host>/web/category/create

POST...

Persistent Cross-Site Scripting in Economizzer Cashbook Entry

Posted by Ron E on May 16

A persistent cross-site scripting (XSS) vulnerability exists in gugoan's
Economizzer v.0.9-beta1. The application fails to properly sanitize
user-supplied input when creating a new cash book entry via the
*cashbook/create* endpoint. An attacker can inject malicious JavaScript
payloads that are permanently stored and later executed in the context of
any user who views the affected entry.

https://<host>/web/cashbook/create

POST...

APPLE-SA-05-12-2025-9 Safari 18.5

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-9 Safari 18.5

Safari 18.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122719.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: A type confusion issue could lead to memory corruption
Description: This...

APPLE-SA-05-12-2025-8 visionOS 2.5

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-8 visionOS 2.5

visionOS 2.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122721.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: Apple Vision Pro
Impact: Processing a maliciously crafted media file may lead to
unexpected app termination...

APPLE-SA-05-12-2025-7 tvOS 18.5

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-7 tvOS 18.5

tvOS 18.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122720.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing a maliciously crafted media file may lead to
unexpected...

APPLE-SA-05-12-2025-6 watchOS 11.5

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-6 watchOS 11.5

watchOS 11.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122722.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: Apple Watch Series 6 and later
Impact: Processing a maliciously crafted media file may lead to
unexpected app...

APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6

macOS Ventura 13.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122718.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

afpfs
Available for: macOS Ventura
Impact: Mounting a maliciously crafted AFP network share may lead to
system...

APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6

macOS Sonoma 14.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122717.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

afpfs
Available for: macOS Sonoma
Impact: Connecting to a malicious AFP server may corrupt kernel memory
Description:...

APPLE-SA-05-12-2025-3 macOS Sequoia 15.5

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-3 macOS Sequoia 15.5

macOS Sequoia 15.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122716.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

afpfs
Available for: macOS Sequoia
Impact: Connecting to a malicious AFP server may corrupt kernel memory
Description: The...

APPLE-SA-05-12-2025-2 iPadOS 17.7.7

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-2 iPadOS 17.7.7

iPadOS 17.7.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122405.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AirDrop
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch,
and iPad 6th generation
Impact: An app may be able to...

APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5

iOS 18.5 and iPadOS 18.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122404.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later,...

[KIS-2025-02] Invision Community <= 5.0.6 (customCss) Remote Code Execution Vulnerability

Posted by Egidio Romano on May 16

---------------------------------------------------------------------------
Invision Community <= 5.0.6 (customCss) Remote Code Execution Vulnerability
---------------------------------------------------------------------------

[-] Software Link:

https://invisioncommunity.com

[-] Affected Versions:

All versions from 5.0.0 to 5.0.6.

[-] Vulnerability Description:

The vulnerability is located in the...

secuvera-SA-2025-01: Privilege Escalation in Automic Automation Agent Unix

Posted by Flo Schäfer via Fulldisclosure on May 16

secuvera-SA-2025-01: Privilege Escalation

Affected Products
Automic Automation Agent Unix <24.3.0 HF4, <21.0.13 HF1

References
secuvera-SA-2025-01
CVE not assigned yet
CWE-426: Untrusted Search Path
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Summary:
An agent configured to run in privileged mode using the SetUID-Bit can be used to escalate privileges, by supplying
an ini file with the...

ArcGIS Hidden Functionality Allows Insecure OAuth 2.0 Based Authentication - CVE-2025-0020 VSL-2025-21

Posted by CVE - VULSec Labs via Fulldisclosure on May 16

=== SUMMARY ===
Vendor: ArcGIS Product: ArcGIS Subject: ArcGIS Hidden Functionality Allows Insecure OAuth 2.0 Based Authentication -
CVE-2025-0020 VSL-2025-21

CVSS: 7.9 (high) CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/U:Amber
Credit: Erez Kalman
Author: VULSec Labs
Date: 2025-05-14

=== DETAILS ===

CWE/CAPEC: Violation of Secure Design Principles, Hidden Functionality, Incorrect Provision of Specified Functionality...

BeyondTrust PRA connection takeover - CVE-2025-0217

Posted by Paul Szabo via Fulldisclosure on May 06

=== Details ========================================================

Vendor: BeyondTrust
Product: Privileged Remote Access (PRA)
Subject: PRA connection takeover
CVE ID: CVE-2025-0217
CVSS: 7.8 (high) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Author: Paul Szabo <psz () maths usyd edu au>
Date: 2025-05-05

=== Introduction ===================================================

I noticed an issue in
BeyondTrust Privileged...

Microsoft Windows .XRM-MS File / NTLM Information Disclosure Spoofing

Posted by hyp3rlinx on May 01

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/Microsoft_Windows_xrm-ms_File_NTLM-Hash_Disclosure.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.microsoft.com

[Product]
.xrm-ms File Type

[Vulnerability Type]
NTLM Hash Disclosure (Spoofing)

[Video URL PoC]
https://www.youtube.com/watch?v=d5U_krLQbNY

[CVE Reference]
N/A

[Security Issue]
The...

[IWCC 2025] CfP: 14th International Workshop on Cyber Crime - Ghent, Belgium, Aug 11-14, 2025

Posted by Artur Janicki via Fulldisclosure on Apr 26

[APOLOGIES FOR CROSS-POSTING]

CALL FOR PAPERS
14th International Workshop on Cyber Crime (IWCC 2025 -
https://2025.ares-conference.eu/program/iwcc/)
to be held in conjunction with the 20th International Conference on
Availability, Reliability and Security (ARES 2025 -
http://2025.ares-conference.eu)

August 11-14, 2025, Ghent, Belgium

IMPORTANT DATES
Submission Deadline May 12, 2025
Author Notification May 30, 2025
Proceedings Version...

Inedo ProGet Insecure Reflection and CSRF Vulnerabilities

Posted by Daniel Owens via Fulldisclosure on Apr 26

Inedo ProGet 2024.22 and below are vulnerable to unauthenticated denial of service and information disclosure attacks
(among other things) because the information system directly exposes the C# reflection used during the request-action
mapping process and fails to properly protect certain pathways. These are amplified by cross-site request forgery
vulnerabilities (CSRF) due to the application's failure to verify the HTTP request method...

Ruby on Rails Cross-Site Request Forgery

Posted by Daniel Owens via Fulldisclosure on Apr 26

Good morning. All current versions and all versions since the 2022/2023 "fix" to the Rails cross-site request forgery
(CSRF) protections continue to be vulnerable to the same attacks as the 2022 implementation. Currently, Rails
generates "authenticity tokens" and "csrf tokens" using a random "one time pad" (OTP). This random value is then XORed
with the "raw token" (which can take one of two...

Microsoft ".library-ms" File / NTLM Information Disclosure (Resurrected 2025)

Posted by hyp3rlinx on Apr 26

[-] Microsoft ".library-ms" File / NTLM Information Disclosure
Spoofing (Resurrected 2025) / CVE-2025-24054

[+] John Page (aka hyp3rlinx)
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

Back in 2018, I reported a ".library-ms" File NTLM information
disclosure vulnerability to MSRC and was told "it was not severe
enough", that being said I post it anyways. Seven years passed, until
other researchers re-reported it....

HNS-2025-10 - HN Security Advisory - Local privilege escalation in Zyxel uOS

Posted by Marco Ivaldi on Apr 23

Hi,

Please find attached a security advisory that describes some
vulnerabilities we discovered in the Zyxel uOS Linux-based operating
system.

* Title: Local privilege escalation via Zyxel fermion-wrapper
* Product: USG FLEX H Series
* OS: Zyxel uOS V1.31 (and potentially earlier versions)
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2025-04-23
* CVE ID: CVE-2025-1731 (see discussion in "5 - Remediation" below)...

APPLE-SA-04-16-2025-4 visionOS 2.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23

APPLE-SA-04-16-2025-4 visionOS 2.4.1

visionOS 2.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122402.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

CoreAudio
Available for: Apple Vision Pro
Impact: Processing an audio stream in a maliciously crafted media file
may result in...

APPLE-SA-04-16-2025-3 tvOS 18.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23

APPLE-SA-04-16-2025-3 tvOS 18.4.1

tvOS 18.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122401.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

CoreAudio
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing an audio stream in a maliciously crafted media file...

APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23

APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1

macOS Sequoia 15.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122400.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

CoreAudio
Available for: macOS Sequoia
Impact: Processing an audio stream in a maliciously crafted media file
may...

APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 23

APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1

iOS 18.4.1 and iPadOS 18.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122282.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

CoreAudio
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 13.9-inch
3rd generation and...

Business Logic Flaw: Price Manipulation - AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23

# Exploit Title: Business Logic Flaw: Price Manipulation - alegrocartv1.2.9
# Date: 04/2025
# Exploit Author: Andrey Stoykov
# Version: 1.2.9
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

Business Logic Flaw: Price Manipulation #1:

Steps to Reproduce:

1. Visit the store and add a product
2. Intercept the HTTP GET request and add negative value to the "quantity"
parameter

// HTTP GET request

GET...

Stored XSS in "Message" Functionality - AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23

# Exploit Title: Stored XSS in "Message" Functionality - alegrocartv1.2.9
# Date: 04/2025
# Exploit Author: Andrey Stoykov
# Version: 1.2.9
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

Stored XSS #1:

Steps to Reproduce:

1. Login as demonstrator account and visit "Customers" > "Newsletter"
2. In "Message" use the following XSS payload

<iframe srcdoc="<img src=x...

XSS via SVG Image Upload - AlegroCartv1.2.9

Posted by Andrey Stoykov on Apr 23

# Exploit Title: XSS via SVG Image Upload - alegrocartv1.2.9
# Date: 04/2025
# Exploit Author: Andrey Stoykov
# Version: 1.2.9
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

XSS via SVG Image Upload:

Steps to Reproduce:

1. Visit http://192.168.58.129/alegrocart/administrator/?controller=download
2. Upload SVG image file with the contents below
3. Intercept the POST request and change the Content-Type to "Content-Type:...

BBOT 2.1.0 - Local Privilege Escalation via Malicious Module Execution

Posted by Housma mardini on Apr 23

Hi Full Disclosure,

I'd like to share a local privilege escalation technique involving BBOT
(Bighuge BLS OSINT Tool) when misconfigured with sudo access.

---

Exploit Title: BBOT 2.1.0 - Local Privilege Escalation via Malicious Module
Execution
Date: 2025-04-16
Exploit Author: Huseyin Mardinli
Vendor Homepage: https://github.com/blacklanternsecurity/bbot
Version: 2.1.0.4939rc (tested)
Tested on: Kali Linux Rolling (2025.1)
CVE: N/A...

83 vulnerabilities in Vasion Print / PrinterLogic

Posted by Pierre Kim on Apr 13

No message preview for long message of 656780 bytes.

[CVE-2025-32102, CVE-2025-32103] SSRF and Directory Traversal in CrushFTP 10.7.1 and 11.1.0 (as well as legacy 9.x)

Posted by Rafael Pedrero on Apr 13

<!--
# Exploit Title: Server-Side Request Forgery (SSRF) in CrushFTP 10.7.1 and
11.1.0 (as well as legacy 9.x)
# Date: 2024-10-20
# Exploit Author: Rafael Pedrero
# Vendor Homepage: https://www.crushftp.com/
# Software Link: https://www.crushftp.com/download/
# Version: CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1
# Tested on: all
# CVE : CVE-2025-32102
# Vulnerability: CWE-918
# Category: webapps

1. Description

CrushFTP 9.x...

Re: APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

Posted by Nick Boyce on Apr 13

[Complete Apple product novice here (my devices all run a non-Apple
OS), but I'm asking for a friend]

Could someone please clarify the following part of the advisory for me:

Does this mean the update will be available via the "Software Update"
feature on an iPhone - or not ?

The quoted paragraph of Apple's advisory is a bit
Schroedinger's-Cat-ish - the update is both available and not
available.

Thanks,

Nick

[...]...

[KIS-2025-01] UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability

Posted by Egidio Romano on Apr 13

------------------------------------------------------------------------------------
UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection
Vulnerability
------------------------------------------------------------------------------------

[-] Software Links:

https://unacms.com

https://github.com/unacms/una

[-] Affected Versions:

All versions from 9.0.0-RC1 to 14.0.0-RC4.

[-] Vulnerability Description:

The vulnerability...

OXAS-ADV-2025-0001: OX App Suite Security Advisory

Posted by Martin Heiland via Fulldisclosure on Apr 13

Dear subscribers,

We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack.

This advisory has also been published at
https://documentation.open-xchange.com/appsuite/security/advisories/html/2025/oxas-adv-2025-0001.html.

Yours sincerely,
Martin Heiland, Open-Xchange...

APPLE-SA-04-01-2025-1 watchOS 11.4

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-04-01-2025-1 watchOS 11.4

watchOS 11.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122376.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AirDrop
Available for: Apple Watch Series 6 and later
Impact: An app may be able to read arbitrary file metadata
Description: A...

APPLE-SA-03-31-2025-11 visionOS 2.4

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-11 visionOS 2.4

visionOS 2.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122378.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accounts
Available for: Apple Vision Pro
Impact: Sensitive keychain data may be accessible from an iOS backup
Description: This issue...

APPLE-SA-03-31-2025-10 tvOS 18.4

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-10 tvOS 18.4

tvOS 18.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122377.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AirDrop
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to read arbitrary file metadata
Description: A...

APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5

macOS Ventura 13.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122375.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AccountPolicy
Available for: macOS Ventura
Impact: A malicious app may be able to gain root privileges
Description:...

APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5

macOS Sonoma 14.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122374.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AccountPolicy
Available for: macOS Sonoma
Impact: A malicious app may be able to gain root privileges
Description: This...

APPLE-SA-03-31-2025-7 macOS Sequoia 15.4

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-7 macOS Sequoia 15.4

macOS Sequoia 15.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122373.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A logging...

APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4

iOS 15.8.4 and iPadOS 15.8.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122345.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st...

APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11

iOS 16.7.11 and iPadOS 16.7.11 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122346.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,
iPad Pro...

APPLE-SA-03-31-2025-4 iPadOS 17.7.6

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-4 iPadOS 17.7.6

iPadOS 17.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122372.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accounts
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch,
and iPad 6th generation
Impact: Sensitive keychain...

APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4

iOS 18.4 and iPadOS 18.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122371.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and...

APPLE-SA-03-31-2025-2 Xcode 16.3

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-2 Xcode 16.3

Xcode 16.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122380.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

IDE Assets
Available for: macOS Sequoia 15.2 and later
Impact: A malicious app may be able to access private information
Description: The...

APPLE-SA-03-31-2025-1 Safari 18.4

Posted by Apple Product Security via Fulldisclosure on Apr 02

APPLE-SA-03-31-2025-1 Safari 18.4

Safari 18.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122379.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Authentication Services
Available for: macOS Ventura and macOS Sonoma
Impact: A malicious website may be able to claim WebAuthn...

3 vulnerabilities in Palo Alto Deep Packet Inspection mechanism

Posted by Pierre Kim on Apr 02

## Advisory Information

Title: 3 vulnerabilities in Palo Alto Deep Packet Inspection mechanism
Advisory URL: https://pierrekim.github.io/advisories/2025-palo-alto-dpi.txt
Blog URL: https://pierrekim.github.io/blog/2025-03-31-paloalto-dpi-3-vulnerabilities.html
Date published: 2025-03-31
Vendors contacted: Palo Alto
Release mode: Released
CVE: None

## Product description

## Vulnerabilities Summary

Vulnerable versions: all versions of Palo Alto...

10 vulnerabilities in Brocade Fibre Channel switches

Posted by Pierre Kim on Apr 02

## Advisory Information

Title: 10 vulnerabilities in Brocade Fibre Channel switches
Advisory URL: https://pierrekim.github.io/advisories/2025-brocade-switches.txt
Blog URL: https://pierrekim.github.io/blog/2025-03-31-brocade-switches-10-vulnerabilities.html
Date published: 2025-03-31
Vendors contacted: Brocade
Release mode: Released
CVE: CVE-2021-27797, CVE-2022-33186, CVE-2023-3454, CVE-2024-5460,
CVE-2024-5461, CVE-2024-7516

## Product...

Three bypasses of Ubuntu's unprivileged user namespace restrictions

Posted by Qualys Security Advisory via Fulldisclosure on Mar 27

Qualys Security Advisory

Three bypasses of Ubuntu's unprivileged user namespace restrictions

========================================================================
Contents
========================================================================

Summary
Bypass via aa-exec
Bypass via busybox
Bypass via LD_PRELOAD
Acknowledgments
Timeline (advisory sent to the Ubuntu Security Team on January 15, 2025)...

SQL Injection in Admin Functionality - dolphin.prov7.4.2

Posted by Andrey Stoykov on Mar 24

# Exploit Title: SQL Injection in Admin Functionality - dolphin.prov7.4.2
# Date: 03/2025
# Exploit Author: Andrey Stoykov
# Version: 7.4.2
# Date: 03/2025
# Tested on: Debian 12
# Blog:
https://msecureltd.blogspot.com/2025/03/friday-fun-pentest-series-21-sql.html

SQL Injection in Admin Functionality:

Steps to Reproduce:

1. Login as admin user and visit the page of "
http://192.168.58.170/dolphinCMS/administration/index.php?cat="
2....

Stored XSS via Send Message Functionality - dolphin.prov7.4.2

Posted by Andrey Stoykov on Mar 24

# Exploit Title: Stored XSS via Send Message Functionality -
dolphin.prov7.4.2
# Date: 03/2025
# Exploit Author: Andrey Stoykov
# Version: 7.4.2
# Date: 03/2025
# Tested on: Debian 12
# Blog:
https://msecureltd.blogspot.com/2025/03/friday-fun-pentest-series-20-stored-xss.html

Stored XSS via Send Message Functionality:

Steps to Reproduce:

1. Login and visit "http://192.168.58.170/dolphinCMS/mail.php?mode=compose"
2. Add...

APPLE-SA-03-11-2025-4 visionOS 2.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20

APPLE-SA-03-11-2025-4 visionOS 2.3.2

visionOS 2.3.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122284.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: Apple Vision Pro
Impact: Maliciously crafted web content may be able to break out of Web
Content sandbox....

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

macOS Sequoia 15.3.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122283.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Sequoia
Impact: Maliciously crafted web content may be able to break out of Web
Content...

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

iOS 18.3.2 and iPadOS 18.3.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122281.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and...