Lucene search
K

382 matches found

Cvelist
Cvelist
added 2026/03/25 12:31 a.m.24 views

CVE-2026-20692

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to all mail content...

0.00424EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/25 12:31 a.m.1 views

CVE-2026-20692

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to all mail content...

5.8AI score0.00424EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Apple多款产品 安全漏洞

Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

5.3CVSS5.9AI score0.00424EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.7 views

PT-2026-27545

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.4 iPadOS versions prior to 26.4 macOS Sequoia versions prior to 15.7.5 macOS Sonoma versions prior to 14.8.5 macOS Tahoe versions prior to 26.4 Description A privacy issue was identified relating to the handling of use...

5.3CVSS5.8AI score0.00424EPSS
Exploits0References7
OSV
OSV
added 2026/03/06 5:39 p.m.4 views

MAL-2026-1276 Malicious code in flowfix (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/03/05 12:57 a.m.6 views

GHSA-C7MQ-GH6Q-6Q7C opennextjs-cloudflare has SSRF vulnerability via /cdn-cgi/ path normalization bypass

A Server-Side Request Forgery SSRF vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler. The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In...

7.7CVSS6AI score0.00832EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/03/05 12:57 a.m.22 views

opennextjs-cloudflare has SSRF vulnerability via /cdn-cgi/ path normalization bypass

A Server-Side Request Forgery SSRF vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler. The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In...

7.7CVSS6AI score0.00363EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2026/03/04 7:16 p.m.6 views

CVE-2026-3125

A Server-Side Request Forgery SSRF vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In...

7.7CVSS0.00363EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/13 1:30 a.m.5 views

CVE-2026-20673

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews...

5.3CVSS5.9AI score0.00309EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2026/02/12 12:0 a.m.6 views

Mageia: Security Advisory (MGASA-2026-0036)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.5AI score0.00159EPSS
Exploits0References5
OSV
OSV
added 2026/02/11 11:16 p.m.3 views

CVE-2026-20673

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages” may not apply to all mail previews...

5.3CVSS5.8AI score0.00309EPSS
Exploits0References4
NVD
NVD
added 2026/02/11 11:16 p.m.12 views

CVE-2026-20673

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews...

5.3CVSS0.00309EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/11 10:58 p.m.7 views

EUVD-2026-5922

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages” may not apply to all mail previews...

5.3CVSS5.5AI score0.00309EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.24 views

CVE-2026-20673

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews...

0.00309EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.6 views

CVE-2026-20673

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews...

5.3CVSS5.9AI score0.00309EPSS
Exploits0References5
CVE
CVE
added 2026/02/11 10:58 p.m.27 views

CVE-2026-20673

CVE-2026-20673 is a logic-issue vulnerability in Apple Mail that is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4, and iOS/iPadOS 18.7.5. The issue centers on improved checks in the Mail component; turning off “Load remote content in messages” may not apply to all mail prev...

5.3CVSS5.9AI score0.00309EPSS
Exploits0References4Affected Software3
Mageia
Mageia
added 2026/02/11 5:56 p.m.15 views

Updated thunderbird packages fix security vulnerability

CSS-based exfiltration of the content from partially encrypted emails when allowing remote content. CVE-2026-0818...

4.3CVSS5.5AI score0.00159EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7796

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages” may not apply to all mail previews...

5.5AI score0.00309EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/06 12:0 a.m.5 views

SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2026:0388-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0388-1 advisory. Update to Mozilla Thunderbird 140.7.1 MFSA 2026-08 bsc1257397: - CVE-2026-0818: CSS-based exfiltration of...

4.3CVSS7AI score0.00159EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/02/05 11:14 a.m.4 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.7.1 MFSA 2026-08 bsc1257397: CVE-2026-0818: CSS-based exfiltration of the content from partially encrypted emails when allowing remote content Patch Instructions: To install this SUSE update use the...

3.1CVSS8.4AI score0.00159EPSS
Exploits0References4
Rows per page
Query Builder