Skip to main content
CVE-2025-43477 MEDIUM This Month

A privacy issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43411 MEDIUM This Month

This issue was addressed with additional entitlement checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43396 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43335 MEDIUM This Month

The issue was addressed by adding additional logic. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43334 MEDIUM This Month

This issue was addressed with additional entitlement checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43322 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43469 MEDIUM This Month

A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43397 MEDIUM This Month

A permissions issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43394 MEDIUM This Month

This issue was addressed with improved handling of symlinks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43348 MEDIUM This Month

A logic issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43468 MEDIUM PATCH This Month

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Jwt Attack Intel Apple Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-43444 MEDIUM This Month

A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Privilege Escalation
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-43420 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7). No vendor patch available.

Apple Race Condition Information Disclosure
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-43336 MEDIUM This Month

A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-43430 MEDIUM PATCH This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-43458 MEDIUM PATCH This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-43427 MEDIUM PATCH This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43443 MEDIUM PATCH This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43429 MEDIUM PATCH This Month

A buffer overflow was addressed with improved bounds checking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43432 MEDIUM PATCH This Month

A use-after-free issue was addressed with improved memory management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Apple Use After Free Red Hat +1
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43425 MEDIUM PATCH This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43441 MEDIUM PATCH This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Ipados Iphone Os Tvos +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43438 MEDIUM PATCH This Month

A use-after-free issue was addressed with improved memory management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Apple Use After Free Ipados +3
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43435 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43434 MEDIUM PATCH This Month

A use-after-free issue was addressed with improved memory management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Apple Use After Free Red Hat +1
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43385 MEDIUM This Month

An out-of-bounds access issue was addressed with improved bounds checking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43384 MEDIUM This Month

An out-of-bounds access issue was addressed with improved bounds checking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43383 MEDIUM This Month

An out-of-bounds access issue was addressed with improved bounds checking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43445 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43421 MEDIUM PATCH This Month

Multiple issues were addressed by disabling array allocation sinking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43392 MEDIUM PATCH This Month

The issue was addressed with improved handling of caches. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cors Misconfiguration Apple Information Disclosure Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43503 MEDIUM This Month

An inconsistent user interface issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-43493 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-12070 MEDIUM This Month

The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-43395 LOW Monitor

This issue was addressed with improved handling of symlinks. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-43365 LOW Monitor

A denial-of-service issue was addressed with improved input validation. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
2.8
EPSS
0.0%
CVE-2025-43408 LOW Monitor

This issue was addressed by restricting options offered on a locked device. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2025-43423 LOW Monitor

A logging issue was addressed with improved data redaction. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.

Apple Information Disclosure
NVD
CVSS 3.1
2.0
EPSS
0.0%
CVE-2025-64108 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cursor
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-64107 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Microsoft Cursor Windows
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-64106 HIGH This Month

Cursor is a code editor built for programming with AI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Cursor
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-62722 HIGH POC PATCH This Week

LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Linkace
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-59596 MEDIUM This Month

CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addressed in version 14.12. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Secure Access Windows
NVD
CVSS 4.0
6.0
EPSS
0.0%
CVE-2025-59595 HIGH This Month

CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure Access prior to 14.12. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Secure Access
NVD
CVSS 4.0
8.2
EPSS
0.1%
CVE-2025-62721 HIGH POC PATCH This Month

LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Linkace
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-62720 HIGH POC PATCH This Month

LinkAce is a self-hosted archive to collect website links. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Linkace
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-62719 LOW POC PATCH Monitor

LinkAce is a self-hosted archive to collect website links. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available.

SSRF Linkace
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-62715 MEDIUM POC PATCH This Month

ClipBucket v5 is an open source video sharing platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Clipbucket
NVD GitHub
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-62520 MEDIUM POC PATCH This Month

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP Authentication Bypass Mantisbt
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-62507 HIGH PATCH This Month

Redis is an open source, in-memory database that persists on disk. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Redis Buffer Overflow RCE Red Hat Suse
NVD GitHub
CVSS 4.0
7.7
EPSS
0.1%
Prev Page 2 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy