Lucene search
+L

498 matches found

redos
redos
added 2026/05/20 12:0 a.m.27 views

ROS-20260520-73-0051

A vulnerability in the ANGLE component of the Google Chrome web browser is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data using a specially crafted HTML page...

6.5CVSS5.8AI score0.002EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/05/19 12:0 a.m.17 views

PT-2026-41827

The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like past orders, PII, etc...

5.8AI score0.00404EPSS
Exploits0References2
cve
cve
added 2026/05/13 4:56 a.m.27 views

CVE-2026-21016

CVE-2026-21016 involves an incorrect privilege assignment in LocationManager, enabling local attackers to access sensitive information. Affected component: LocationManager. Root cause: improper privilege handling leading to information disclosure. Impact: local access to sensitive data, with conf...

5.5CVSS5.8AI score0.00093EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.9 views

webpack-dev-server 安全漏洞

webpack-dev-server is an open-source application developed by webpack. Versions of webpack-dev-server prior to version 5.2.3 contained security vulnerabilities. These vulnerabilities stemmed from exposure to cross-origin code. When it provided services through non-potentially trusted sources, suc...

6.5CVSS5.8AI score0.00216EPSS
Exploits0References1
nessus
nessus
added 2026/05/10 12:0 a.m.19 views

openSUSE 16 Security Update : java-17-openjdk (openSUSE-SU-2026:20680-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20680-1 advisory. Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to...

7.5CVSS5.9AI score0.00702EPSS
Exploits0References24
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.15 views

PT-2026-38719

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...

4.3CVSS5.8AI score0.02298EPSS
Exploits0References7
snyk
snyk
added 2026/04/29 9:56 p.m.8 views

Improper Verification of Cryptographic Signature

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper validation of SAML signatures in the authentication and logout...

8.8CVSS5.8AI score0.00191EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/21 8:35 p.m.10 views

CVE-2026-35247

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

6CVSS5.8AI score0.00124EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/04/13 5:4 a.m.15 views

CVE-2026-21013

CVE-2026-21013 affects Galaxy Wearable before version 2.2.68.26 due to an incorrect default permission configuration, allowing local attackers to access sensitive information. The issue is described as a local-attack vector with low complexity and no user interaction required, with a medium CVSS ...

6.9CVSS5.8AI score0.00093EPSS
Exploits0References1Affected Software1
packetstormnews
packetstormnews
added 2026/04/08 12:0 a.m.26 views

VulGD: A LLM-Powered Dynamic Open-Access Vulnerability Graph Database

Software vulnerabilities continue to pose significant threats to modern information systems, requiring a timely and accurate risk assessment. Public repositories, such as the National Vulnerability Database and CVE details, are regularly updated, but predominantly utilize relational data models...

5.9AI score
Exploits0
redhatcve
redhatcve
added 2026/04/07 5:3 p.m.9 views

CVE-2026-3524

Mattermost Plugin Legal Hold versions =1.1.4 fail to halt request processing after a failed authorization check in ServeHTTP which allows an authenticated attacker to access, create, download, and delete legal hold data via crafted API requests to the plugin's endpoints. Mattermost Advisory ID:...

8.8CVSS5.9AI score0.00378EPSS
Exploits0References1
cnvd
cnvd
added 2026/03/31 12:0 a.m.8 views

Unspecified vulnerability in Apple macOS Tahoe (CNVD-2026-19040)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe contains a security vulnerability that can be exploited by attackers to cause an application to access sensitive user data...

5.5CVSS5.8AI score0.00177EPSS
Exploits0
redhatcve
redhatcve
added 2026/03/26 3:16 p.m.5 views

CVE-2026-28881

A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References1
nvd
nvd
added 2026/03/25 1:17 a.m.4 views

CVE-2026-20651

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data...

6.2CVSS0.00204EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/03/25 12:32 a.m.2 views

CVE-2026-28828

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.8AI score0.00344EPSS
Exploits0References3
cve
cve
added 2026/03/25 12:32 a.m.11 views

CVE-2026-28818

CVE-2026-28818 is a logging issue in macOS components that could allow an app to access sensitive user data. The vulnerability is fixed in Apple releases: macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4. The available sources describe the issue as a data-redaction/logging exposure...

5.3CVSS5.8AI score0.00396EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2026/03/25 12:31 a.m.2 views

CVE-2026-28870

An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data...

5.8AI score0.0016EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/03/25 12:0 a.m.11 views

PT-2026-27601

A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.8AI score0.00177EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/25 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause applications to access sensitive user data...

5.3CVSS5.8AI score0.00396EPSS
Exploits0References3
hackread
hackread
added 2026/03/24 11:37 a.m.8 views

DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk

DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through…...

5.7AI score
Exploits0
Rows per page
Query Builder