Lucene search
K

845 matches found

Vulnrichment
Vulnrichment
added 2026/03/25 12:32 a.m.3 views

CVE-2026-28818

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.8AI score0.00396EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/25 12:32 a.m.2 views

CVE-2026-28837

A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.8AI score0.00341EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 12:32 a.m.8 views

CVE-2026-28837

CVE-2026-28837 is a logic-issue vulnerability affecting macOS Tahoe prior to the 26.4 release. The advisory states that an app may gain access to sensitive user data due to insufficient checks, and the fix is implemented in macOS Tahoe 26.4. The NVD/Red Hat entries repeat the same description, al...

7.5CVSS5.8AI score0.00341EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/03/25 12:32 a.m.6 views

CVE-2026-28820

CVE-2026-28820 involves macOS Tahoe 26.4 and earlier, where an app may access sensitive user data due to insufficient checks. The issue is addressed in macOS Tahoe 26.4 through improved checks. Affected component details are not specified beyond the macOS Tahoe series. Remediation: update to macO...

5.5CVSS5.8AI score0.00209EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/25 12:31 a.m.5 views

CVE-2026-28831

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.8AI score0.00173EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/25 12:31 a.m.5 views

CVE-2026-20651

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data...

5.8AI score0.00204EPSS
Exploits0References4
CVE
CVE
added 2026/03/25 12:31 a.m.10 views

CVE-2026-20651

CVE-2026-20651 is a privacy issue in macOS where improved handling of temporary files could allow an app to access sensitive user data. Public documentation ties this CVE to macOS Sequoia 15.7.5, Sonoma 14.8.4, and Tahoe 26.3, with the impact described as an app may be able to access sensitive us...

6.2CVSS5.8AI score0.00204EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS prior to Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4 contain security vulnerabilities due to authorization issues, which may allow applications to access sensitive us...

5.5CVSS5.8AI score0.00173EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities exist in versions of Apple macOS such as Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4. These vulnerabilities stem from insufficient security checks, which may allow applicatio...

5.3CVSS5.8AI score0.00396EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause applications to access sensitive user data...

5.3CVSS5.8AI score0.00396EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.13 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS suffers from an information disclosure vulnerability that can be exploited by an attacker to cause an application to access sensitive user data...

6.2CVSS5.8AI score0.00137EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS prior to Sonoma 14.8.4 and Tahoe 26.3 contained security vulnerabilities due to authorization issues, which could allow applications to access sensitive user data...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.12 views

PT-2026-25950

CVE-2025-14806 IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses a… https://t.co/pdQ0W8CD4d...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/11 9:37 p.m.5 views

CVE-2026-32130

ZITADEL is an open source identity management platform. From 2.68.0 to before 3.4.8 and 4.12.2, Zitadel provides a System for Cross-domain Identity Management SCIM API to provision users from external providers into Zitadel. Request to the API with URL-encoded path values were correctly routed bu...

7.5CVSS5.8AI score0.00584EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/11 9:31 p.m.5 views

EUVD-2026-11352

An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the application...

6CVSS5.8AI score0.00078EPSS
Exploits0References2
OSV
OSV
added 2026/03/10 1:9 a.m.5 views

GHSA-R5V6-2599-9G3M OneUptime has authorization bypass via client‑controlled is-multi-tenant-query header that leads to cross‑tenant data exposure and account takeover

Summary A low‑privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 by sending a forged is-multi-tenant-query header together with a controlled projectid header. Because the server trusts this client-supplied header, internal permission checks in BasePermission are...

9.9CVSS5.8AI score0.00494EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/03/10 1:9 a.m.7 views

OneUptime has authorization bypass via client‑controlled is-multi-tenant-query header that leads to cross‑tenant data exposure and account takeover

Summary A low‑privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 by sending a forged is-multi-tenant-query header together with a controlled projectid header. Because the server trusts this client-supplied header, internal permission checks in BasePermission are...

9.9CVSS5.8AI score0.00494EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.5 views

PT-2026-24189

Name of the Vulnerable Software and Affected Versions OneUptime versions prior to 10.0.21 Description A low-privileged user can bypass authorization and tenant isolation in OneUptime by sending a forged is-multi-tenant-query header along with a controlled projectid header. The server incorrectly...

9.9CVSS5.8AI score0.00494EPSS
Exploits1References12
CNVD
CNVD
added 2026/03/02 12:0 a.m.4 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14496)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products, which can be exploited by an...

6.5CVSS5.9AI score0.00123EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/02 12:0 a.m.2 views

Apple macOS Tahoe Information Disclosure Vulnerability (CNVD-2026-14995)

Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe suffers from an information disclosure vulnerability that can be exploited by attackers to access sensitive user data...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References1
Rows per page
Query Builder