845 matches found
CVE-2026-28818
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data...
CVE-2026-28837
A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...
CVE-2026-28837
CVE-2026-28837 is a logic-issue vulnerability affecting macOS Tahoe prior to the 26.4 release. The advisory states that an app may gain access to sensitive user data due to insufficient checks, and the fix is implemented in macOS Tahoe 26.4. The NVD/Red Hat entries repeat the same description, al...
CVE-2026-28820
CVE-2026-28820 involves macOS Tahoe 26.4 and earlier, where an app may access sensitive user data due to insufficient checks. The issue is addressed in macOS Tahoe 26.4 through improved checks. Affected component details are not specified beyond the macOS Tahoe series. Remediation: update to macO...
CVE-2026-28831
An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data...
CVE-2026-20651
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data...
CVE-2026-20651
CVE-2026-20651 is a privacy issue in macOS where improved handling of temporary files could allow an app to access sensitive user data. Public documentation ties this CVE to macOS Sequoia 15.7.5, Sonoma 14.8.4, and Tahoe 26.3, with the impact described as an app may be able to access sensitive us...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS prior to Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4 contain security vulnerabilities due to authorization issues, which may allow applications to access sensitive us...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities exist in versions of Apple macOS such as Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4. These vulnerabilities stem from insufficient security checks, which may allow applicatio...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to cause applications to access sensitive user data...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS suffers from an information disclosure vulnerability that can be exploited by an attacker to cause an application to access sensitive user data...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS prior to Sonoma 14.8.4 and Tahoe 26.3 contained security vulnerabilities due to authorization issues, which could allow applications to access sensitive user data...
PT-2026-25950
CVE-2025-14806 IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses a… https://t.co/pdQ0W8CD4d...
CVE-2026-32130
ZITADEL is an open source identity management platform. From 2.68.0 to before 3.4.8 and 4.12.2, Zitadel provides a System for Cross-domain Identity Management SCIM API to provision users from external providers into Zitadel. Request to the API with URL-encoded path values were correctly routed bu...
EUVD-2026-11352
An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the application...
GHSA-R5V6-2599-9G3M OneUptime has authorization bypass via client‑controlled is-multi-tenant-query header that leads to cross‑tenant data exposure and account takeover
Summary A low‑privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 by sending a forged is-multi-tenant-query header together with a controlled projectid header. Because the server trusts this client-supplied header, internal permission checks in BasePermission are...
OneUptime has authorization bypass via client‑controlled is-multi-tenant-query header that leads to cross‑tenant data exposure and account takeover
Summary A low‑privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 by sending a forged is-multi-tenant-query header together with a controlled projectid header. Because the server trusts this client-supplied header, internal permission checks in BasePermission are...
PT-2026-24189
Name of the Vulnerable Software and Affected Versions OneUptime versions prior to 10.0.21 Description A low-privileged user can bypass authorization and tenant isolation in OneUptime by sending a forged is-multi-tenant-query header along with a controlled projectid header. The server incorrectly...
Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14496)
Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products, which can be exploited by an...
Apple macOS Tahoe Information Disclosure Vulnerability (CNVD-2026-14995)
Apple macOS Tahoe is an operating system from the American company Apple. Apple macOS Tahoe suffers from an information disclosure vulnerability that can be exploited by attackers to access sensitive user data...