Total
3015 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-37125 | 2025-09-17 | N/A | 7.5 HIGH | ||
| A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS (ECOS). Successful exploitation could allow an attacker to bypass firewall protections, potentially leading to unauthorized traffic being handled improperly | |||||
| CVE-2025-59333 | 2025-09-17 | N/A | 8.1 HIGH | ||
| The mcp-database-server (MCP Server) 1.1.0 and earlier, as distributed via the npm package @executeautomation/database-server, fails to implement adequate security controls to properly enforce a "read-only" mode. This vulnerability affects only the npm distribution; other distributions are not impacted. As a result, the server is susceptible to abuse and attacks on affected database systems such as PostgreSQL, and potentially others that expose elevated functionalities. These attacks may lead to denial of service and other unexpected behaviors. | |||||
| CVE-2025-54391 | 2025-09-17 | N/A | 9.1 CRITICAL | ||
| A vulnerability in the EnableTwoFactorAuthRequest SOAP endpoint of Zimbra Collaboration (ZCS) allows an attacker with valid user credentials to bypass Two-Factor Authentication (2FA) protection. The attacker can configure an additional 2FA method (either a third-party authenticator app or email-based 2FA) without presenting a valid authentication token or proving access to an already configured 2FA method. This bypasses 2FA and results in unauthorized access to accounts that are otherwise protected by 2FA. | |||||
| CVE-2025-43337 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. | |||||
| CVE-2025-43340 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 7.8 HIGH |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox. | |||||
| CVE-2025-43369 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data. | |||||
| CVE-2025-43371 | 1 Apple | 1 Xcode | 2025-09-17 | N/A | 8.2 HIGH |
| This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox. | |||||
| CVE-2025-43315 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access user-sensitive data. | |||||
| CVE-2025-43317 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-09-17 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data. | |||||
| CVE-2025-43319 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data. | |||||
| CVE-2025-43321 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data. | |||||
| CVE-2025-43325 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. | |||||
| CVE-2025-43305 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to access private information. | |||||
| CVE-2025-43285 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data. | |||||
| CVE-2025-43291 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system. | |||||
| CVE-2025-31269 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data. | |||||
| CVE-2025-31270 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data. | |||||
| CVE-2025-43204 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 7.8 HIGH |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox. | |||||
| CVE-2025-43207 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data. | |||||
| CVE-2025-43208 | 1 Apple | 1 Macos | 2025-09-17 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive location information. | |||||