Lucene search
K

89 matches found

CVE
CVE
added 2025/03/31 10:24 p.m.83 views

CVE-2025-30447

CVE-2025-30447 affects multiple Apple platforms (visionOS, macOS Ventura, tvOS, iPadOS, iOS, macOS Sequoia, macOS Sonoma). The issue stems from inadequate handling in logging that could allow an app to access sensitive user data; the root cause is described as improper sanitization of logging. It...

5.5CVSS5.8AI score0.00296EPSS
Exploits0References16Affected Software5
Cvelist
Cvelist
added 2025/03/31 10:22 p.m.15 views

CVE-2025-24221

This issue was addressed with improved data access restriction. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, visionOS 2.4. Sensitive keychain data may be accessible from an iOS backup...

0.00805EPSS
Exploits0References3
CVE
CVE
added 2025/02/27 12:0 a.m.71 views

CVE-2025-25729

CVE-2025-25729 concerns a data disclosure in Bosscomm IF740 firmware (versions 11001.7078 & v11001.0000) and System versions 6.25 & 6.00. The root cause is information exposed via the update or boot process, enabling an attacker to obtain hardcoded cleartext credentials. The CVE entry and related...

7.5CVSS6.5AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.4 views

Microsoft Win32k 资源管理错误漏洞

Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Win32k. An attacker exploiting this vulnerability could elevate privileges. The following products and editions are affected:Windows ...

7.8CVSS8.2AI score0.0063EPSS
Exploits0References1
OSV
OSV
added 2025/01/27 10:15 p.m.4 views

CVE-2025-24160

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination...

4.3CVSS5.8AI score0.0137EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

Microsoft Windows Telephony Server 安全漏洞

Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...

8.8CVSS8.7AI score0.01624EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/06 4:34 p.m.17 views

CVE-2024-53691 QTS, QuTS hero

A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following...

8.7CVSS7AI score0.20112EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.5 views

PT-2024-27261 · Qnap · Quts Hero +1

Name of the Vulnerable Software and Affected Versions: QNAP operating system versions prior to QTS 5.2.1.2930 build 20241025 QNAP operating system versions prior to QuTS hero h5.2.1.2929 build 20241025 Description: A path traversal issue has been reported, potentially allowing remote attackers wi...

2.1CVSS7.2AI score0.00676EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.14 views

Qnap QTS Classic Buffer Overflow (CVE-2024-27129)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS...

8.8CVSS6.3AI score0.00695EPSS
Exploits0References2
OSV
OSV
added 2024/07/29 11:15 p.m.3 views

CVE-2024-40836

A logic issue was addressed with improved checks. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. A shortcut may be able to use sensitive data with certain actions without prompting the user...

5.5CVSS5.7AI score0.00555EPSS
Exploits0References12
OSV
OSV
added 2024/07/29 11:15 p.m.3 views

CVE-2024-40818

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, macOS Sonoma 14.6. An attacker with physical access may be able to use Siri to access sensitive user data...

4.6CVSS5.7AI score0.00416EPSS
Exploits0References15
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.9 views

Microsoft Windows DWM Core Library 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Windows DWM Core Library. The following products and editions are affected:Windows 10 Version 22H2 for x64-based Systems,Windows 10 Versio...

7.8CVSS8.9AI score0.05687EPSS
Exploits2References4
NVD
NVD
added 2024/04/12 4:15 p.m.25 views

CVE-2024-30387

A Missing Synchronization vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. If an interface flaps while the system gathers statistics on that interface, two processes...

7.1CVSS6.5AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2024/01/29 10:15 a.m.36 views

UBUNTU-CVE-2024-23792

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affec...

6.5CVSS5.8AI score0.00345EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/25 12:0 a.m.5 views

PT-2023-28611 · Apple · Ipados +5

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.1 iPadOS versions prior to 17.1 macOS Ventura versions prior to 13.6.3 macOS Sonoma versions prior to 14.1 macOS Monterey versions prior to 12.7.2 Description: A logic issue was addressed with improved checks, which...

5.3CVSS4AI score0.00534EPSS
Exploits0References10
OSV
OSV
added 2023/09/27 3:19 p.m.4 views

CVE-2023-40395

The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access contacts...

3.3CVSS5.7AI score0.00316EPSS
Exploits0References18
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.8 views

Microsoft Windows Remote Procedure Call Runtime 安全漏洞

Microsoft Windows Remote Procedure Call Runtime is a powerful technology for creating distributed client/server programs from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Remote Procedure Call Runtime. An attacker could exploit this vulnerability to cause a deni...

7.5CVSS7.7AI score0.01435EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/30 12:0 a.m.3 views

Western Digital My Cloud 命令注入漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. A command injection vulnerability exists in Western Digital My Cloud OS 5 versions prior to 5.26.300, which stems from the discovery of a remote command injection vulnerability...

6.7CVSS6.7AI score0.01315EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2022/12/13 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-42852

The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory...

6.5CVSS6.7AI score0.00939EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/08/09 12:0 a.m.10 views

Microsoft Windows Defender 安全漏洞

Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A security vulnerability exists in Microsoft Windows Defender Credential Guard. The following products and editions are affected:Windows 10 Version 21H1 for x64-based Systems,Windows 10...

5.5CVSS6.7AI score0.01452EPSS
Exploits0References6
Rows per page
Query Builder