498 matches found
ROS-20260520-73-0051
A vulnerability in the ANGLE component of the Google Chrome web browser is related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow an attacker acting remotely to access sensitive data using a specially crafted HTML page...
PT-2026-41827
The Fortis for WooCommerce WordPress plugin before 1.3.1 may leak sensitive API keys to unauthenticated attackers, allowing them to query Fortis' API and retrieve sensitive customer information, like past orders, PII, etc...
CVE-2026-21016
CVE-2026-21016 involves an incorrect privilege assignment in LocationManager, enabling local attackers to access sensitive information. Affected component: LocationManager. Root cause: improper privilege handling leading to information disclosure. Impact: local access to sensitive data, with conf...
webpack-dev-server 安全漏洞
webpack-dev-server is an open-source application developed by webpack. Versions of webpack-dev-server prior to version 5.2.3 contained security vulnerabilities. These vulnerabilities stemmed from exposure to cross-origin code. When it provided services through non-potentially trusted sources, suc...
openSUSE 16 Security Update : java-17-openjdk (openSUSE-SU-2026:20680-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20680-1 advisory. Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to...
PT-2026-38719
Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...
Improper Verification of Cryptographic Signature
Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper validation of SAML signatures in the authentication and logout...
CVE-2026-35247
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...
CVE-2026-21013
CVE-2026-21013 affects Galaxy Wearable before version 2.2.68.26 due to an incorrect default permission configuration, allowing local attackers to access sensitive information. The issue is described as a local-attack vector with low complexity and no user interaction required, with a medium CVSS ...
VulGD: A LLM-Powered Dynamic Open-Access Vulnerability Graph Database
Software vulnerabilities continue to pose significant threats to modern information systems, requiring a timely and accurate risk assessment. Public repositories, such as the National Vulnerability Database and CVE details, are regularly updated, but predominantly utilize relational data models...
CVE-2026-3524
Mattermost Plugin Legal Hold versions =1.1.4 fail to halt request processing after a failed authorization check in ServeHTTP which allows an authenticated attacker to access, create, download, and delete legal hold data via crafted API requests to the plugin's endpoints. Mattermost Advisory ID:...
Unspecified vulnerability in Apple macOS Tahoe (CNVD-2026-19040)
Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe contains a security vulnerability that can be exploited by attackers to cause an application to access sensitive user data...
CVE-2026-28881
A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...
CVE-2026-20651
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data...
CVE-2026-28828
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data...
CVE-2026-28818
CVE-2026-28818 is a logging issue in macOS components that could allow an app to access sensitive user data. The vulnerability is fixed in Apple releases: macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4. The available sources describe the issue as a data-redaction/logging exposure...
CVE-2026-28870
An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data...
PT-2026-27601
A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause applications to access sensitive user data...
DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk
DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through…...