CVE-2024-40795

This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information...

CVE-2024-40795

This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information...

CVE-2024-40795

This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information...

CVE-2024-40795

CVE-2024-40795 affects Apple platforms where an app may be able to read sensitive location information. The issue was addressed with improved data protection and is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6, iPadOS 17.6, and tvOS 17.6. The NVD entry shows a low 3.3 CVSS due to local acce...

CVE-2023-42949

This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to access edited photos saved to a temporary directory...

CVE-2023-42949

This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to access edited photos saved to a temporary directory...

CVE-2023-42949

This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to access edited photos saved to a temporary directory...

CVE-2023-42949

This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to access edited photos saved to a temporary directory...

CVE-2023-42949

CVE-2023-42949 affects Apple's platforms (iOS/iPadOS, macOS, watchOS, tvOS) where an app could access edited photos saved to a temporary directory. The description and connected sources consistently state this was addressed by improving data protection, with fixes in iOS 17 / iPadOS 17, macOS Son...

Secure Your APIs and Reduce Your Attack Surface With Modern, AI-powered API Security in Qualys Web Application Scanning (WAS)

The rise of APIs presents both opportunities and challenges in today’s hyperconnected digital world. APIs are integral to digital transformation initiatives across industries. The latest data indicates that over 83% of web traffic now comprises API traffic, highlighting their critical role in...

ROS-20240723-03

Vulnerability of Ruby interpreter's Net::FTP class implementation is related to flaws in service data protection using the PASV command. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information. remotely, to gain unauthorized...

The vulnerability of the GraphQL Subscription Handler component of the software platform based on Git, which facilitates collaborative code development on GitLab, allows a malicious individual to gain unauthorized access to confidential information.

The vulnerability of the GraphQL Subscription Handler component of the software platform based on Git for collaborative code development on GitLab is related to the lack of protection for sensitive data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthoriz...

Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model

Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising model or risk-facing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation CPC Network has notified...

The vulnerability of MicroLogix 1400 programmable logic controllers’ microprogramming software, related to insufficient protection of operational data, allows unauthorized access by attackers to the protected information.

The vulnerability of MicroLogix 1400 programmable logic controllers’ microprogramming software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

The vulnerability of MicroLogix 1400 programmable logic controllers’ microprogramming software, related to insufficient protection of operational data, allows unauthorized access by attackers to the protected information.

The vulnerability of MicroLogix 1400 programmable logic controllers’ microprogramming software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

The vulnerability of the Unified Endpoint Management system of VMware Workspace ONE allows unauthorized access, as it involves insufficient protection for operational data. This makes it possible for attackers to disclose sensitive information that should be protected.

The vulnerability of the Unified Management System for VMware Workspace ONE endpoints relates to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is supposed to be secure...

The vulnerability of the Windows Message Queuing system allows attackers to disclose protected information.

The vulnerability of Windows’ Message Queuing system is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the Azure CycleCloud tool for organizing and managing high-performance computing environments, related to a flaw in the data protection mechanism, allows attackers to enhance their privileges.

The vulnerability of the Azure CycleCloud tool for organizing and managing high-performance computing environments is related to a flaw in the data protection mechanism. Exploiting this vulnerability can allow an attacker operating remotely to enhance their privileges...

The vulnerability of Themes component in Windows operating systems, which allows attackers to carry out spoofing attacks

The vulnerability of Themes Windows themes in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to carry out spoofing attacks...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...