Posted by Shaikh Shahnawaz on May 16 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor of Product] RSI Queue (https://www.rsiqueue.com/) [Vulnerability Type] Blind SQL Injection [Affected Component] The vulnerable component is the TaskID parameter in the get request. [CVE Reference] CVE-2025-26086 [Security Issue] An unauthenticated blind SQL injection vulnerability … Read More “Unauthenticated Blind SQL Injection | RSI queue management system – V 3.0 | CVE-2025-26086 – Full Disclosure” »
Category: Alert Feeds
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16 SEC Consult Vulnerability Lab Security Advisory < 20250422-0 > ======================================================================= title: Local Privilege Escalation via DLL Search Order Hijacking product: Ivanti Endpoint Manager Security Scan (Vulscan) Self Update vulnerable version: EPM 2022 SU6 and previous, EPM 2024 fixed version: EPM 2022 SU7 and … Read More “SEC Consult SA-20250422-0:: Local Privilege Escalation via DLL Search Order Hijacking – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16 SEC Consult Vulnerability Lab Security Advisory < publishing date 20250429-0 > Combined Security Advisory for Sure Access Enterprise and Sure Click Enterprise ======================================================================= title: Multiple Vulnerabilities product: HP Wolf Security Controller / HP Sure Access Enterprise / HP Sure Click Enterprise vulnerable version: … Read More “SEC Consult SA-20250429-0 :: Multiple Vulnerabilities in HP Wolf Security Controller and more – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16 SEC Consult Vulnerability Lab Security Advisory < 20250507-0 > ======================================================================= title: Authenticated Command Injection product: Honeywell MB-Secure vulnerable version: MB-Secure versions from V11.04 and prior to V12.53, MB-Secure PRO versions from V01.06 and prior to V03.09 fixed version: MB-Secure v12.53, MB-Secure PRO v03.09 … Read More “SEC Consult SA-20250506-0 :: Honeywell MB Secure Authenticated Command Injection – Full Disclosure” »
Posted by Sebastian Auwärter via Fulldisclosure on May 16 Advisory ID: SYSS-2025-006 Product: Tiiwee X1 Alarm System Manufacturer: Tiiwee B.V. Affected Version(s): TWX1HAKV2 Tested Version(s): TWX1HAKV2 Vulnerability Type: Authentication Bypass by Capture-replay (CWE-294) Risk Level: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Solution Status: Open Manufacturer Notification: 2025-01-27… – Read More – Full Disclosure
Posted by Ron E on May 16 A persistent cross-site scripting (XSS) vulnerability exists in gugoan’s Economizzer v.0.9-beta1. The application fails to properly sanitize user-supplied input when creating a new category via the *category/create *endpoint. An attacker can inject malicious JavaScript payloads that are permanently stored and later executed in the context of any … Read More “Persistent Cross-Site Scripting in Economizzer Category Entry – Full Disclosure” »
Posted by Ron E on May 16 A session management vulnerability exists in gugoan’s Economizzer v.0.9-beta1. The application fails to properly invalidate user sessions upon logout or other session termination events. As a result, a valid session remains active and usable even after the user has attempted to log out. POST /web/category/create HTTP/2 Host: … Read More “Session Invalidation in Economizzer Allows Unauthorized Access After Logout – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-8 visionOS 2.5 visionOS 2.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122721. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: Apple Vision Pro Impact: Processing a … Read More “APPLE-SA-05-12-2025-8 visionOS 2.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-9 Safari 18.5 Safari 18.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122719. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: macOS Ventura and macOS Sonoma Impact: … Read More “APPLE-SA-05-12-2025-9 Safari 18.5 – Full Disclosure” »
Posted by Ron E on May 16 A persistent cross-site scripting (XSS) vulnerability exists in gugoan’s Economizzer v.0.9-beta1 The application fails to properly sanitize user-supplied input when creating a new cash book entry via the *cashbook/create* endpoint. An attacker can inject malicious JavaScript payloads that are permanently stored and later executed in the context … Read More “Persistent Cross-Site Scripting in Economizzer Cashbook Entry – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6 macOS Ventura 13.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/122718. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. afpfs Available for: macOS Ventura Impact: Mounting … Read More “APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-6 watchOS 11.5 watchOS 11.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122722. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: Apple Watch Series 6 and later … Read More “APPLE-SA-05-12-2025-6 watchOS 11.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-7 tvOS 18.5 tvOS 18.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122720. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: Apple TV HD and Apple TV … Read More “APPLE-SA-05-12-2025-7 tvOS 18.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-2 iPadOS 17.7.7 iPadOS 17.7.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/122405. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirDrop Available for: iPad Pro 12.9-inch 2nd generation, iPad … Read More “APPLE-SA-05-12-2025-2 iPadOS 17.7.7 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-3 macOS Sequoia 15.5 macOS Sequoia 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122716. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. afpfs Available for: macOS Sequoia Impact: Connecting … Read More “APPLE-SA-05-12-2025-3 macOS Sequoia 15.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6 macOS Sonoma 14.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/122717. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. afpfs Available for: macOS Sonoma Impact: Connecting … Read More “APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5 iOS 18.5 and iPadOS 18.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122404. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: … Read More “APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5 – Full Disclosure” »
Posted by CVE – VULSec Labs via Fulldisclosure on May 16 === SUMMARY === Vendor: ArcGIS Product: ArcGIS Subject: ArcGIS Hidden Functionality Allows Insecure OAuth 2.0 Based Authentication – CVE-2025-0020 VSL-2025-21 CVSS: 7.9 (high) CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/U:Amber Credit: Erez Kalman Author: VULSec Labs Date: 2025-05-14 === DETAILS === CWE/CAPEC: Violation of Secure Design Principles, Hidden Functionality, Incorrect Provision … Read More “ArcGIS Hidden Functionality Allows Insecure OAuth 2.0 Based Authentication – CVE-2025-0020 VSL-2025-21 – Full Disclosure” »
Posted by Flo Schäfer via Fulldisclosure on May 16 secuvera-SA-2025-01: Privilege Escalation Affected Products Automic Automation Agent Unix <24.3.0 HF4, <21.0.13 HF1 References secuvera-SA-2025-01 CVE not assigned yet CWE-426: Untrusted Search Path CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L Summary: An agent configured to run in privileged mode using the SetUID-Bit can be used to escalate privileges, by supplying an … Read More “secuvera-SA-2025-01: Privilege Escalation in Automic Automation Agent Unix – Full Disclosure” »
Posted by Egidio Romano on May 16 ————————————————————————— Invision Community <= 5.0.6 (customCss) Remote Code Execution Vulnerability ————————————————————————— [-] Software Link: https://invisioncommunity.com [-] Affected Versions: All versions from 5.0.0 to 5.0.6. [-] Vulnerability Description: The vulnerability is located in the… – Read More – Full Disclosure
Posted by Paul Szabo via Fulldisclosure on May 06 === Details ======================================================== Vendor: BeyondTrust Product: Privileged Remote Access (PRA) Subject: PRA connection takeover CVE ID: CVE-2025-0217 CVSS: 7.8 (high) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Author: Paul Szabo <psz () maths usyd edu au> Date: 2025-05-05 === Introduction =================================================== I noticed an issue in BeyondTrust Privileged… – Read More – … Read More “BeyondTrust PRA connection takeover – CVE-2025-0217 – Full Disclosure” »
Posted by hyp3rlinx on May 01 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/Microsoft_Windows_xrm-ms_File_NTLM-Hash_Disclosure.txt [+] x.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] .xrm-ms File Type [Vulnerability Type] NTLM Hash Disclosure (Spoofing) [Video URL PoC] https://www.youtube.com/watch?v=d5U_krLQbNY [CVE Reference] N/A [Security Issue] The… – Read More – Full Disclosure
Posted by hyp3rlinx on Apr 26 [-] Microsoft “.library-ms” File / NTLM Information Disclosure Spoofing (Resurrected 2025) / CVE-2025-24054 [+] John Page (aka hyp3rlinx) [+] x.com/hyp3rlinx [+] ISR: ApparitionSec Back in 2018, I reported a “.library-ms” File NTLM information disclosure vulnerability to MSRC and was told “it was not severe enough”, that being said … Read More “Microsoft “.library-ms” File / NTLM Information Disclosure (Resurrected 2025) – Full Disclosure” »
Posted by Daniel Owens via Fulldisclosure on Apr 26 Good morning. All current versions and all versions since the 2022/2023 “fix” to the Rails cross-site request forgery (CSRF) protections continue to be vulnerable to the same attacks as the 2022 implementation. Currently, Rails generates “authenticity tokens” and “csrf tokens” using a random “one time … Read More “Ruby on Rails Cross-Site Request Forgery – Full Disclosure” »
Posted by Daniel Owens via Fulldisclosure on Apr 26 Inedo ProGet 2024.22 and below are vulnerable to unauthenticated denial of service and information disclosure attacks (among other things) because the information system directly exposes the C# reflection used during the request-action mapping process and fails to properly protect certain pathways. These are amplified by … Read More “Inedo ProGet Insecure Reflection and CSRF Vulnerabilities – Full Disclosure” »
Posted by Artur Janicki via Fulldisclosure on Apr 26 [APOLOGIES FOR CROSS-POSTING] CALL FOR PAPERS 14th International Workshop on Cyber Crime (IWCC 2025 – https://2025.ares-conference.eu/program/iwcc/) to be held in conjunction with the 20th International Conference on Availability, Reliability and Security (ARES 2025 – http://2025.ares-conference.eu) August 11-14, 2025, Ghent, Belgium IMPORTANT DATES Submission Deadline May … Read More “[IWCC 2025] CfP: 14th International Workshop on Cyber Crime – Ghent, Belgium, Aug 11-14, 2025 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-4 visionOS 2.4.1 visionOS 2.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122402. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: Apple Vision Pro Impact: Processing an … Read More “APPLE-SA-04-16-2025-4 visionOS 2.4.1 – Full Disclosure” »
Posted by Marco Ivaldi on Apr 23 Hi, Please find attached a security advisory that describes some vulnerabilities we discovered in the Zyxel uOS Linux-based operating system. * Title: Local privilege escalation via Zyxel fermion-wrapper * Product: USG FLEX H Series * OS: Zyxel uOS V1.31 (and potentially earlier versions) * Author: Marco Ivaldi … Read More “HNS-2025-10 – HN Security Advisory – Local privilege escalation in Zyxel uOS – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1 iOS 18.4.1 and iPadOS 18.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122282. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: … Read More “APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1 macOS Sequoia 15.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122400. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: macOS Sequoia Impact: Processing … Read More “APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-3 tvOS 18.4.1 tvOS 18.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122401. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: Apple TV HD and Apple TV … Read More “APPLE-SA-04-16-2025-3 tvOS 18.4.1 – Full Disclosure” »
Posted by Housma mardini on Apr 23 Hi Full Disclosure, I’d like to share a local privilege escalation technique involving BBOT (Bighuge BLS OSINT Tool) when misconfigured with sudo access. — Exploit Title: BBOT 2.1.0 – Local Privilege Escalation via Malicious Module Execution Date: 2025-04-16 Exploit Author: Huseyin Mardinli Vendor Homepage: https://github.com/blacklanternsecurity/bbot Version: 2.1.0.4939rc … Read More “BBOT 2.1.0 – Local Privilege Escalation via Malicious Module Execution – Full Disclosure” »
Posted by Andrey Stoykov on Apr 23 # Exploit Title: Stored XSS in “Message” Functionality – alegrocartv1.2.9 # Date: 04/2025 # Exploit Author: Andrey Stoykov # Version: 1.2.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Stored XSS #1: Steps to Reproduce: 1. Login as demonstrator account and visit “Customers” > “Newsletter” 2. In … Read More “Stored XSS in “Message” Functionality – AlegroCartv1.2.9 – Full Disclosure” »
Posted by Andrey Stoykov on Apr 23 # Exploit Title: XSS via SVG Image Upload – alegrocartv1.2.9 # Date: 04/2025 # Exploit Author: Andrey Stoykov # Version: 1.2.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ XSS via SVG Image Upload: Steps to Reproduce: 1. Visit http://192.168.58.129/alegrocart/administrator/?controller=download 2. Upload SVG image file with the … Read More “XSS via SVG Image Upload – AlegroCartv1.2.9 – Full Disclosure” »
Posted by Andrey Stoykov on Apr 23 # Exploit Title: Business Logic Flaw: Price Manipulation – alegrocartv1.2.9 # Date: 04/2025 # Exploit Author: Andrey Stoykov # Version: 1.2.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Business Logic Flaw: Price Manipulation #1: Steps to Reproduce: 1. Visit the store and add a product 2. … Read More “Business Logic Flaw: Price Manipulation – AlegroCartv1.2.9 – Full Disclosure” »
Posted by Martin Heiland via Fulldisclosure on Apr 13 Dear subscribers, We’re sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack. This advisory has also been published … Read More “OXAS-ADV-2025-0001: OX App Suite Security Advisory – Full Disclosure” »
Posted by Egidio Romano on Apr 13 ———————————————————————————— UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability ———————————————————————————— [-] Software Links: https://unacms.com https://github.com/unacms/una [-] Affected Versions: All versions from 9.0.0-RC1 to 14.0.0-RC4. [-] Vulnerability Description: The vulnerability… – Read More – Full Disclosure
Posted by Nick Boyce on Apr 13 [Complete Apple product novice here (my devices all run a non-Apple OS), but I’m asking for a friend] Could someone please clarify the following part of the advisory for me: Does this mean the update will be available via the “Software Update” feature on an iPhone – … Read More “Re: APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2 – Full Disclosure” »
Posted by Rafael Pedrero on Apr 13 <!– # Exploit Title: Server-Side Request Forgery (SSRF) in CrushFTP 10.7.1 and 11.1.0 (as well as legacy 9.x) # Date: 2024-10-20 # Exploit Author: Rafael Pedrero # Vendor Homepage: https://www.crushftp.com/ # Software Link: https://www.crushftp.com/download/ # Version: CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 # … Read More “[CVE-2025-32102, CVE-2025-32103] SSRF and Directory Traversal in CrushFTP 10.7.1 and 11.1.0 (as well as legacy 9.x) – Full Disclosure” »
Posted by Pierre Kim on Apr 13 No message preview for long message of 656780 bytes. – Read More – Full Disclosure
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-04-01-2025-1 watchOS 11.4 watchOS 11.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122376. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirDrop Available for: Apple Watch Series 6 and later … Read More “APPLE-SA-04-01-2025-1 watchOS 11.4 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5 macOS Ventura 13.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122375. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AccountPolicy Available for: macOS Ventura Impact: A … Read More “APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-10 tvOS 18.4 tvOS 18.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122377. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirDrop Available for: Apple TV HD and Apple TV … Read More “APPLE-SA-03-31-2025-10 tvOS 18.4 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-11 visionOS 2.4 visionOS 2.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122378. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accounts Available for: Apple Vision Pro Impact: Sensitive keychain … Read More “APPLE-SA-03-31-2025-11 visionOS 2.4 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4 iOS 15.8.4 and iPadOS 15.8.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122345. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: … Read More “APPLE-SA-03-31-2025-6 iOS 15.8.4 and iPadOS 15.8.4 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-7 macOS Sequoia 15.4 macOS Sequoia 15.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122373. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: macOS Sequoia Impact: An … Read More “APPLE-SA-03-31-2025-7 macOS Sequoia 15.4 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5 macOS Sonoma 14.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122374. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AccountPolicy Available for: macOS Sonoma Impact: A … Read More “APPLE-SA-03-31-2025-8 macOS Sonoma 14.7.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4 iOS 18.4 and iPadOS 18.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122371. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: … Read More “APPLE-SA-03-31-2025-3 iOS 18.4 and iPadOS 18.4 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-4 iPadOS 17.7.6 iPadOS 17.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/122372. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accounts Available for: iPad Pro 12.9-inch 2nd generation, iPad … Read More “APPLE-SA-03-31-2025-4 iPadOS 17.7.6 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11 iOS 16.7.11 and iPadOS 16.7.11 addresses the following issues. Information about the security content is also available at https://support.apple.com/122346. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: … Read More “APPLE-SA-03-31-2025-5 iOS 16.7.11 and iPadOS 16.7.11 – Full Disclosure” »