CVE-2025-24206 – Apple Local Network Authentication Bypass

April 29, 2025

CVE ID : CVE-2025-24206

Published : April 29, 2025, 3:15 a.m. | 3 hours, 40 minutes ago

Description : An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-24252 – Apple macOS Use-After-Free Vulnerability

Next Article CVE-2025-24251 – Apple Local Network App Termination Vulnerability

Highlights

CVE-2025-3481 – MedDream PACS Server DICOM File Parsing Remote Code Execution Vulnerability

May 22, 2025

CVE ID : CVE-2025-3481

Published : May 22, 2025, 1:15 a.m. | 1 hour, 35 minutes ago

Description : MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the parsing of DICOM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-25827.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-24206 – Apple Local Network Authentication Bypass

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

8 Best Free and Open Source NVIDIA GPU Monitoring Tools

IBM HMC Vulnerable to Privilege Escalation Attacks

CVE-2025-46157 – EfroTech Time Trax Remote Code Execution Vulnerability

CVE-2025-5664 – FreeFloat FTP Server Buffer Overflow Vulnerability

CVE-2025-3481 – MedDream PACS Server DICOM File Parsing Remote Code Execution Vulnerability

9 Best Free and Open Source Linux Disk Encryption Tools

Intel Plans ‘Arrow Lake Refresh’ With Faster Clock and New NPU This Year

CVE-2025-52798 – Eyecix JobSearch Cross-site Scripting

CVE-2025-24206 – Apple Local Network Authentication Bypass

Related Posts