An insecure Apple authorization API is used by numerous popular third-party application installers and can be abused by attackers ro run code as root.

Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller (APIC) that could allow an attacker to elevate privileges on the host machine.

Cisco is warning customers of a privilege escalation flaw in Cisco CloudCenter Orchestrator systems that could allow an attacker to gain root privileges on affected systems.