CVE-2025-30466 – “Safari Same Origin Policy Bypass”

May 29, 2025

CVE ID : CVE-2025-30466

Published : May 29, 2025, 10:15 p.m. | 2 hours, 48 minutes ago

Description : This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-31189 – Apple macOS Sandbox Escalation

Next Article CVE-2025-31198 – Apple macOS Symlink Path Handling Vulnerability

Highlights

CVE-2025-8067 – Udisks D-BUS Loop Device Handler Index Validation Bypass

August 28, 2025

CVE ID : CVE-2025-8067

Published : Aug. 28, 2025, 3:16 p.m. | 11 hours, 14 minutes ago

Description : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn’t bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This mini PC can do everything from work to cloud gaming — It’s currently at a low price for Memorial Day

May 23, 2025

CVE-2025-5251 – PHPGurukul News Portal Project SQL Injection Vulnerability

May 27, 2025

Samsung Researchers Introduced ANSE (Active Noise Selection for Generation): A Model-Aware Framework for Improving Text-to-Video Diffusion Models through Attention-Based Uncertainty Estimation

May 29, 2025

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-30466 – “Safari Same Origin Policy Bypass”

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

CVE-2025-23173 – Versa Networks Versa Director Websockify Remote Code Execution Vulnerability

NASCAR 25 Launches October 14 on Xbox and PS5 with Revamped Career Mode

Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses

Operation Endgame 2.0: Europe’s Cyber Dragnet Just Crippled the Ransomware Economy at Its Source

CVE-2025-8067 – Udisks D-BUS Loop Device Handler Index Validation Bypass

This mini PC can do everything from work to cloud gaming — It’s currently at a low price for Memorial Day

CVE-2025-5251 – PHPGurukul News Portal Project SQL Injection Vulnerability

Samsung Researchers Introduced ANSE (Active Noise Selection for Generation): A Model-Aware Framework for Improving Text-to-Video Diffusion Models through Attention-Based Uncertainty Estimation

CVE-2025-30466 – “Safari Same Origin Policy Bypass”

Related Posts