149 matches found
CVE-2026-28910
This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files...
EUVD-2026-29234
This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files...
RHCOS 4 : OpenShift Container Platform 4.6.1 (RHSA-2020:4297)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4297 advisory. - jenkins-jira-plugin: plugin information disclosure CVE-2019-16541 - jenkins-2-plugins/mailer: Missing hostname validation in Maile...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: bcachefs: Fixes for bch2_ioctl_subvolume_destroy. bch2_evict_subvolume_inodes was getting stuck due to incorrect pruning of the dcache. Additionally, missing permission checks have been fixed...
PT-2026-39777
Name of the Vulnerable Software and Affected Versions: macOS Tahoe versions prior to 26.4. Description: A flaw in permissions checking allows a malicious application to access arbitrary files. This issue involves breaking the App Sandbox data containers and Transparency, Consent, and Control (TCC), an...
PT-2026-27587
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.7; iPadOS versions prior to 18.7.7; macOS Sequoia versions prior to 15.7.5; macOS Sonoma versions prior to 14.8.5; macOS Tahoe versions prior to 26.4; visionOS versions prior to 26.4; watchOS versions prior to 26.4...
CVE-2026-27603 Chartbrew: Unauthenticated Chart Filter Endpoint: POST /project/:project_id/chart/:chart_id/filter missing verifyToken + checkPermissions
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the chart filter endpoint POST /project/:project_id/chart/:chart_id/filter is missing both verifyToken and checkPermissions middleware, allowing...
Linux Kernel 7.x Safe Verification of XFS Scrub ioctl Support
This tool provides a safe and non-exploitative way to verify whether a mount point uses the XFS file system and whether the system kernel supports the ioctl interface for XFS metadata cleanup (XFS_IOC_SCRUB_METADATA). The tool performs verification of the file system type to confirm it is XFS, safely...
CVE-2024-44210
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...
CVE-2022-26767
The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences...
CVE-2025-46282
The issue was addressed with additional permissions checks. This issue is fixed in macOS Tahoe 26.2, Safari 26.2. An app may be able to access sensitive user data...
CVE-2025-46282
The issue was addressed with additional permissions checks. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. An app may be able to access sensitive user data...
CVE-2025-46282
CVE-2025-46282 concerns Apple macOS Tahoe and Safari where an app could access sensitive user data due to insufficient permissions checks. The issue is fixed in macOS Tahoe 26.2 and Safari 26.2; Apple’s advisories and multiple sources (NVD, Red Hat, CNNVD, CIRCL, etc.) consistently describe the f...
About the security content of Safari 26.2
About the security content of Safari 26.2 This document describes the security content of Safari 26.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
PT-2025-51910
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Tahoe 26.2; Safari versions prior to 26.2. Description: An application could potentially access sensitive user data due to insufficient permissions checks. The issue was resolved by implementing additional permissions...
EUVD-2025-201417
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to 1.27.1, the macro executes Velocity from the details pages without checking for permissions, which can lead to remote code execution. This vulnerability is fixed in 1.27.1...
CVE-2025-62669
The CVE-2025-62669 entry concerns Wikimedia’s MediaWiki CentralAuth Extension, describing a resource disclosure vulnerability that exposes sensitive information. Multiple sources (NVD entry, Red Hat, EU ENISA, CNVD, CVE/CVEList, and vuln enrichment) align on: affected component is CentralAuth Ext...
EUVD-2020-2538
Malware in sbrugna...