Lucene search
K

77 matches found

CNVD
CNVD
added 2025/10/15 12:0 a.m.3 views

Bold Workplanner Insecure Direct Object Reference Vulnerability (CNVD-2025-24046)

Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access calendar details using an unauthorized internal...

7.1CVSS6.9AI score0.00234EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-0740

Malware in sbrugna...

10CVSS6.4AI score0.04521EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-29143

Malware in sbrugna...

4.3CVSS5.2AI score0.01884EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/10/04 2:37 p.m.7 views

CometJacking: One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief

Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity's agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-3106

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00119EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-33064

Malicious code in bioql PyPI...

3.3CVSS4.5AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-52629

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.00437EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:3 a.m.5 views

CVE-2024-31893

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174...

4.3CVSS4.2AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:11 a.m.9 views

CVE-2024-54535

A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders...

4.3CVSS5.9AI score0.00437EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:44 a.m.7 views

CVE-2023-40529

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17 and iPadOS 17. A person with physical access to a device may be able to use VoiceOver to access private calendar information...

2.4CVSS5AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:59 p.m.7 views

CVE-2021-0487

In onCreate of CalendarDebugActivity.java, there is a possible way to export calendar data to the sdcard without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

7.8CVSS7AI score0.00119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:11 p.m.4 views

CVE-2020-8275

Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute...

4.3CVSS7.6AI score0.01884EPSS
Exploits0References1
OSV
OSV
added 2025/01/15 8:15 p.m.4 views

CVE-2024-54535

A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders...

4.3CVSS5.8AI score0.00437EPSS
Exploits0References3
NVD
NVD
added 2025/01/15 8:15 p.m.17 views

CVE-2024-54535

A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders...

4.3CVSS0.00437EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/15 7:36 p.m.11 views

CVE-2024-54535

A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders...

5.9AI score0.00437EPSS
Exploits0References4
CVE
CVE
added 2025/01/15 7:36 p.m.65 views

CVE-2024-54535

Affected product: Apple Vision Pro (calendar feature). Issue: a path handling vulnerability could allow an attacker with access to calendar data to read reminders. Root cause: path handling logic was reworked with improved validation. Affected OS updates and patches: watchOS 11.1, visionOS 2.1, i...

4.3CVSS5.9AI score0.00437EPSS
Exploits0References4Affected Software4
Cvelist
Cvelist
added 2025/01/15 7:36 p.m.30 views

CVE-2024-54535

A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders...

0.00437EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.6 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS prior to version 18.1, which originated when an attacker wit...

4.3CVSS6.1AI score0.00437EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.4 views

PT-2025-3045 · Apple · Visionos +4

Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 11.1 visionOS versions prior to 2.1 iOS versions prior to 18.1 iPadOS versions prior to 18.1 Description: A path handling issue was addressed with improved logic. An attacker with access to calendar data could also...

4.3CVSS5.7AI score0.00437EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2024/08/01 12:0 a.m.6 views

The vulnerability of the Access Token Handler component in the software integration control panel for IBM App Connect Enterprise allows a malicious actor to obtain confidential calendar information using an access token with an expired validity period.

The vulnerability of the Access Token Handler component in the software integration control panel for IBM App Connect Enterprise is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to obtain confidential calendar information using ...

4.3CVSS5.5AI score0.00261EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder