Aggregator

CVE-2025-43249 | Apple macOS up to 13.6/14.6/15.5 App privileges management (EUVD-2025-23118 / Nessus ID 243030)

Vuldb Updates
9 months ago
A vulnerability was found in Apple macOS up to 13.6/14.6/15.5. It has been rated as critical. Affected by this issue is some unknown functionality of the component App. The manipulation leads to improper privilege management. This vulnerability is handled as CVE-2025-43249. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-43248 | Apple macOS up to 14.6/15.5 App Local Privilege Escalation (Nessus ID 243030)

Vuldb Updates
9 months ago
A vulnerability, which was classified as critical, has been found in Apple macOS up to 14.6/15.5. This issue affects some unknown processing of the component App. The manipulation leads to Local Privilege Escalation. The identification of this vulnerability is CVE-2025-43248. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-43246 | Apple macOS up to 14.6/15.5 App information disclosure (Nessus ID 243030)

Vuldb Updates
9 months ago
A vulnerability was found in Apple macOS up to 14.6/15.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component App. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-43246. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-43247 | Apple macOS up to 13.6/14.6/15.5 App permission (Nessus ID 243030)

Vuldb Updates
9 months ago
A vulnerability was found in Apple macOS up to 13.6/14.6/15.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component App. The manipulation leads to permission issues. This vulnerability is known as CVE-2025-43247. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-43243 | Apple macOS up to 13.6/14.6/15.5 Restrictions permission (Nessus ID 243030)

Vuldb Updates
9 months ago
A vulnerability was found in Apple macOS up to 13.6/14.6/15.5 and classified as critical. Affected by this issue is some unknown functionality of the component Restrictions Handler. The manipulation leads to permission issues. This vulnerability is handled as CVE-2025-43243. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-43244 | Apple macOS up to 13.6/14.6/15.5 App race condition (Nessus ID 243030)

Vuldb Updates
9 months ago
A vulnerability, which was classified as critical, has been found in Apple macOS up to 13.6/14.6/15.5. Affected by this issue is some unknown functionality of the component App. The manipulation leads to race condition. This vulnerability is handled as CVE-2025-43244. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-43245 | Apple macOS up to 13.6/14.6/15.5 App downgrade (Nessus ID 243030)

Vuldb Updates
9 months ago
A vulnerability, which was classified as problematic, was found in Apple macOS up to 13.6/14.6/15.5. This affects an unknown part of the component App. The manipulation leads to algorithm downgrade. This vulnerability is uniquely identified as CVE-2025-43245. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Ransomware Groups Using TrickBot Malware to Exfiltrate US$724 Million in Cryptocurrency

Cyber Security News
9 months ago

The cybersecurity landscape continues to evolve as ransomware groups adopt increasingly sophisticated tactics to maximize their financial gains. The TrickBot malware family has emerged as a central component in a massive cryptocurrency extortion scheme, with ransomware-as-a-service (RaaS) groups leveraging this versatile banking trojan to facilitate attacks worth over US$724 million in cryptocurrency. TrickBot, originally designed […]

The post Ransomware Groups Using TrickBot Malware to Exfiltrate US$724 Million in Cryptocurrency appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2013-10038 | TUFaT FlashChat up to 6.0.2/6.0.8 upload.php unrestricted upload (EUVD-2013-7257 / EDB-28709)

Vuldb Updates
9 months ago
A vulnerability, which was classified as critical, has been found in TUFaT FlashChat up to 6.0.2/6.0.8. Affected by this issue is some unknown functionality of the file upload.php. The manipulation leads to unrestricted upload. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2013-10038. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2014-125123 | LXCenter Kloxo up to 6.1.11 lbin/webcommand.php login-name sql injection (EUVD-2014-9816 / EDB-31577)

Vuldb Updates
9 months ago
A vulnerability was found in LXCenter Kloxo up to 6.1.11. It has been classified as critical. Affected is an unknown function of the file lbin/webcommand.php. The manipulation of the argument login-name leads to sql injection. This vulnerability is traded as CVE-2014-125123. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

INC

Dark Feed IO
9 months ago

You must login to view this content

cohenido

North Korean APT Hackers Poison CI/CD Pipelines To Exfiltrate Sensitive Data

Cyber Security News
9 months ago

A sophisticated espionage campaign orchestrated by the North Korea-backed Lazarus Group has successfully infiltrated open source software ecosystems on an unprecedented scale, transforming trusted developer tools into weapons of cyber espionage. The campaign represents a strategic evolution in state-sponsored cyber warfare, embedding malicious code directly within popular package registries and turning the foundation of modern […]

The post North Korean APT Hackers Poison CI/CD Pipelines To Exfiltrate Sensitive Data appeared first on Cyber Security News.

Tushar Subhra Dutta

INC

Dark Feed IO
9 months ago

You must login to view this content

cohenido

INC

Dark Feed IO
9 months ago

You must login to view this content

cohenido

Managed ad