63 matches found
EUVD-2023-56086
Malicious code in bioql PyPI...
CVE-2025-47214
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-43317
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data...
CVE-2025-43272
The issue was addressed with improved memory handling. This issue is fixed in visionOS 26, Safari 26, iOS 26 and iPadOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash...
Microsoft Windows Telephony Server 安全漏洞
Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. T...
CVE-2025-30447
CVE-2025-30447 affects multiple Apple platforms (visionOS, macOS Ventura, tvOS, iPadOS, iOS, macOS Sequoia, macOS Sonoma). The issue stems from inadequate handling in logging that could allow an app to access sensitive user data; the root cause is described as improper sanitization of logging. It...
CVE-2025-24221
This issue was addressed with improved data access restriction. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, visionOS 2.4. Sensitive keychain data may be accessible from an iOS backup...
Microsoft Win32k 资源管理错误漏洞
Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Win32k. An attacker exploiting this vulnerability could elevate privileges. The following products and editions are affected:Windows ...
CVE-2025-24160
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination...
Microsoft Windows Telephony Server 安全漏洞
Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...
CVE-2024-53691 QTS, QuTS hero
A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following...
Qnap QTS Classic Buffer Overflow (CVE-2024-27129)
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS...
CVE-2024-40836
A logic issue was addressed with improved checks. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. A shortcut may be able to use sensitive data with certain actions without prompting the user...
CVE-2024-40818
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, macOS Sonoma 14.6. An attacker with physical access may be able to use Siri to access sensitive user data...
Microsoft Windows DWM Core Library 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Windows DWM Core Library. The following products and editions are affected:Windows 10 Version 22H2 for x64-based Systems,Windows 10 Versio...
PT-2023-28611 · Apple · Ipados +5
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.1 iPadOS versions prior to 17.1 macOS Ventura versions prior to 13.6.3 macOS Sonoma versions prior to 14.1 macOS Monterey versions prior to 12.7.2 Description: A logic issue was addressed with improved checks, which...
CVE-2023-40395
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access contacts...
Microsoft Windows Remote Procedure Call Runtime 安全漏洞
Microsoft Windows Remote Procedure Call Runtime is a powerful technology for creating distributed client/server programs from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Remote Procedure Call Runtime. An attacker could exploit this vulnerability to cause a deni...
Western Digital My Cloud 命令注入漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital. A command injection vulnerability exists in Western Digital My Cloud OS 5 versions prior to 5.26.300, which stems from the discovery of a remote command injection vulnerability...
VulnCheck KEV: CVE-2022-42852
The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory...