CVE-2025-31197 – Apple macOS and iOS Local Network App Termination Vulnerability

April 29, 2025

CVE ID : CVE-2025-31197

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46760 – Apache HTTP Server Authentication Bypass

Next Article CVE-2025-24271 – Apple AirPlay Unauthenticated Access Vulnerability

Highlights

CVE-2025-53104 – Gluestack-ui Command Injection Vulnerability

July 2, 2025

CVE ID : CVE-2025-53104

Published : July 1, 2025, 7:15 p.m. | 14 hours, 59 minutes ago

Description : gluestack-ui is a library of copy-pasteable components & patterns crafted with Tailwind CSS (NativeWind). Prior to commit e6b4271, a command injection vulnerability was discovered in the discussion-to-slack.yml GitHub Actions workflow. Untrusted discussion fields (title, body, etc.) were directly interpolated into shell commands in a run: block. An attacker could craft a malicious GitHub Discussion title or body (e.g., $(curl …)) to execute arbitrary shell commands on the Actions runner. This issue has been fixed in commit e6b4271 where the discussion-to-slack.yml workflow was removed. Users should remove the discussion-to-slack.yml workflow if using a fork or derivative of this repository.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-31197 – Apple macOS and iOS Local Network App Termination Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Designing for people: What architecture can learn from UX

Prompt Engineering Cheat Sheet for GPT-5: Learn These Patterns for Solid Code Generation

The Unusual Suspect: Git Repos

Google AI Unveils 601 Real-World Generative AI Use Cases Across Industries

CVE-2025-53104 – Gluestack-ui Command Injection Vulnerability

CVE-2025-4542 – Freeebird Hotel Cross-Domain Policy Vulnerability

CVE-2024-41197 – Ocuco Innovation INVCLIENT.EXE Remote Authentication Bypass Privilege Escalation

CVE-2025-4737 – Vivo Voice Assistant SSL/TLS Weakness

CVE-2025-31197 – Apple macOS and iOS Local Network App Termination Vulnerability

Related Posts