Lucene search
K

845 matches found

nvd
nvd
added 2026/05/25 4:16 p.m.26 views

CVE-2026-42797

Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which allows any administrator with sufficient entitlements for User read to access User-related...

4.9CVSS0.00436EPSS
Exploits0References2
euvd
euvd
added 2026/05/15 12:30 a.m.20 views

EUVD-2026-30494

Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information. Attackers can access the endpoint without providing authentication credentials to obtain...

6.9CVSS5.8AI score0.00356EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/05/12 8:21 p.m.13 views

CVE-2026-28830

A race condition was addressed with additional validation. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

4.7CVSS5.8AI score0.00085EPSS
Exploits0References1
nvd
nvd
added 2026/05/11 9:19 p.m.18 views

CVE-2026-43659

A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data...

4.7CVSS0.00099EPSS
Exploits0References6
nvd
nvd
added 2026/05/11 9:18 p.m.12 views

CVE-2026-28830

A race condition was addressed with additional validation. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

4.7CVSS0.00085EPSS
Exploits0References1
cve
cve
added 2026/05/11 8:8 p.m.16 views

CVE-2026-43659

CVE-2026-43659 is a race condition in the Apple FileProvider component. The issue could allow an app to access sensitive user data and was mitigated by added validation. Apple fixed it in multiple platforms: iOS 18.7.9 / iPadOS 18.7.9; iOS 26.5 / iPadOS 26.5; macOS Sequoia 15.7.7; macOS Sonoma 14...

4.7CVSS5.8AI score0.00099EPSS
Exploits0References6Affected Software4
cve
cve
added 2026/05/11 8:8 p.m.14 views

CVE-2026-20696

Technical details beyond the high-level description for CVE-2026-20696 are not publicly available in the provided documents. The material confirms an authorization/state-management issue fixed in macOS Tahoe 26.4 affecting an app’s access to user data. Monitor for updates.

5.5CVSS5.8AI score0.00112EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/05/11 8:8 p.m.32 views

CVE-2026-20696

An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

0.00112EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/11 8:8 p.m.8 views

CVE-2026-28964

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to access sensitive user data...

5.8AI score0.00325EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/11 8:7 p.m.38 views

CVE-2026-28830

A race condition was addressed with additional validation. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

0.00085EPSS
Exploits0References1
cve
cve
added 2026/05/11 8:7 p.m.16 views

CVE-2026-28830

CVE-2026-28830 describes a race condition resolved by additional input validation. Multiple connected sources (NVD, EUVD-2026-29216, CVE listings, and vulnerability enrichment) indicate the issue is fixed in macOS Tahoe 26.4 and that an app could potentially access sensitive user data. The availa...

4.7CVSS5.8AI score0.00085EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/05/11 12:0 a.m.17 views

PT-2026-39759

A race condition was addressed with additional validation. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.8AI score0.00085EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/11 12:0 a.m.9 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe prior to 26.4 contained a security vulnerability caused by a race condition issue, which could allow applications to access sensitive user data...

4.7CVSS5.8AI score0.00085EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/20 12:0 a.m.8 views

PHPGurukul Apartment Visitors Management System 安全漏洞

PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. Version V1.1 of the PHPGurukul Apartment Visitors Management System contains a security vulnerability. This vulnerability stems from an SQL injection issue with the email...

7.5CVSS5.9AI score0.00294EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/04/03 3:6 p.m.5 views

CVE-2026-35543

A flaw was found in Roundcube Webmail. A remote attacker could bypass the remote image blocking feature by sending a specially crafted email that includes Scalable Vector Graphics SVG content with animation attributes. This vulnerability may lead to unauthorized information disclosure or an...

5.3CVSS5.9AI score0.00402EPSS
Exploits0References2
cve
cve
added 2026/04/01 12:30 a.m.9 views

CVE-2025-71280

XenForo before 2.3.7 is affected by an information-disclosure vulnerability where local account pages could be cached on shared systems, exposing sensitive user data to other local users. The root cause is local page caching on multi-user machines. Impact is exposure of user information; CVSS met...

6.9CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software1
snyk
snyk
added 2026/03/31 11:21 p.m.4 views

Missing Authorization

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authorization in the users.json.php process. An attacker can access sensitive personal and financial information of all users by sending authenticated...

7.1CVSS5.8AI score0.00316EPSS
Exploits1References2
cnvd
cnvd
added 2026/03/31 12:0 a.m.6 views

Unspecified Vulnerability in Apple macOS (CNVD-2026-19034)

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that stems from a logging issue that can be exploited by an attacker to cause an application to access sensitive user data...

5.3CVSS5.8AI score0.00396EPSS
Exploits0
cnvd
cnvd
added 2026/03/31 12:0 a.m.6 views

Unspecified vulnerability in Apple macOS Tahoe (CNVD-2026-19040)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe contains a security vulnerability that can be exploited by attackers to cause an application to access sensitive user data...

5.5CVSS5.8AI score0.00177EPSS
Exploits0
osv
osv
added 2026/03/27 8:36 p.m.5 views

CVE-2026-33882 Statamic's Markdown preview endpoint exposes sensitive user data

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, the markdown preview endpoint could be manipulated to return augmented data from arbitrary fieldtypes. With the users fieldtype specifically, an authenticated control panel user could retriev...

6.5CVSS5.8AI score0.00255EPSS
Exploits0References3
Rows per page
Query Builder