ZDI-25-018: Apple macOS libFontValidation Font Header Name Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Read Time:14 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the libFontValidation library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3.

USN-7455-4: Linux kernel (Oracle) vulnerabilities

Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local...

April 25, 2025

ZDI-CAN-27036: Apple

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Michael DePlante (@izobashi) of Trend Zero Day Initiative' was reported to...

April 25, 2025

Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

What is the Vulnerability?A critical path traversal vulnerability has been identified in Commvault's Command Center Innovation Release. The vulnerability, tracked...

April 25, 2025

chromium-135.0.7049.114-1.fc41

FEDORA-2025-9ea1ed1fcf Packages in this update: chromium-135.0.7049.114-1.fc41 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

chromium-135.0.7049.114-1.el10_1

FEDORA-EPEL-2025-41e9d3ba95 Packages in this update: chromium-135.0.7049.114-1.el10_1 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

chromium-135.0.7049.114-1.fc42

FEDORA-2025-ca9bc14500 Packages in this update: chromium-135.0.7049.114-1.fc42 Update description: Update to 135.0.7049.114 Read More

April 24, 2025

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical

US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Popular LLMs Found to Produce Vulnerable Code by Default

Hackers access sensitive SIM card data at South Korea’s largest telecoms company

New Linux Rootkit

ELENOR-corp Ransomware Targets Healthcare Sector

Blue Shield of California Data Breach Affects 4.7 Million Members

ZDI-25-018: Apple macOS libFontValidation Font Header Name Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

USN-7455-4: Linux kernel (Oracle) vulnerabilities

ZDI-CAN-27036: Apple

Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

chromium-135.0.7049.114-1.fc41

chromium-135.0.7049.114-1.el10_1

chromium-135.0.7049.114-1.fc42