89 matches found
CVE-2025-30447
CVE-2025-30447 affects multiple Apple platforms (visionOS, macOS Ventura, tvOS, iPadOS, iOS, macOS Sequoia, macOS Sonoma). The issue stems from inadequate handling in logging that could allow an app to access sensitive user data; the root cause is described as improper sanitization of logging. It...
CVE-2025-24221
This issue was addressed with improved data access restriction. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, visionOS 2.4. Sensitive keychain data may be accessible from an iOS backup...
CVE-2025-25729
CVE-2025-25729 concerns a data disclosure in Bosscomm IF740 firmware (versions 11001.7078 & v11001.0000) and System versions 6.25 & 6.00. The root cause is information exposed via the update or boot process, enabling an attacker to obtain hardcoded cleartext credentials. The CVE entry and related...
Microsoft Win32k 资源管理错误漏洞
Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Win32k. An attacker exploiting this vulnerability could elevate privileges. The following products and editions are affected:Windows ...
CVE-2025-24160
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination...
Microsoft Windows Telephony Server 安全漏洞
Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...
CVE-2024-53691 QTS, QuTS hero
A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following...
PT-2024-27261 · Qnap · Quts Hero +1
Name of the Vulnerable Software and Affected Versions: QNAP operating system versions prior to QTS 5.2.1.2930 build 20241025 QNAP operating system versions prior to QuTS hero h5.2.1.2929 build 20241025 Description: A path traversal issue has been reported, potentially allowing remote attackers wi...
Qnap QTS Classic Buffer Overflow (CVE-2024-27129)
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS...
CVE-2024-40836
A logic issue was addressed with improved checks. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. A shortcut may be able to use sensitive data with certain actions without prompting the user...
CVE-2024-40818
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, macOS Sonoma 14.6. An attacker with physical access may be able to use Siri to access sensitive user data...
Microsoft Windows DWM Core Library 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Windows DWM Core Library. The following products and editions are affected:Windows 10 Version 22H2 for x64-based Systems,Windows 10 Versio...
CVE-2024-30387
A Missing Synchronization vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. If an interface flaps while the system gathers statistics on that interface, two processes...
UBUNTU-CVE-2024-23792
When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. The attack requires a logged-in other user to know the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affec...
PT-2023-28611 · Apple · Ipados +5
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.1 iPadOS versions prior to 17.1 macOS Ventura versions prior to 13.6.3 macOS Sonoma versions prior to 14.1 macOS Monterey versions prior to 12.7.2 Description: A logic issue was addressed with improved checks, which...
CVE-2023-40395
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access contacts...
Microsoft Windows Remote Procedure Call Runtime 安全漏洞
Microsoft Windows Remote Procedure Call Runtime is a powerful technology for creating distributed client/server programs from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Remote Procedure Call Runtime. An attacker could exploit this vulnerability to cause a deni...
Western Digital My Cloud 命令注入漏洞
Western Digital My Cloud is a personal cloud storage device from Western Digital. A command injection vulnerability exists in Western Digital My Cloud OS 5 versions prior to 5.26.300, which stems from the discovery of a remote command injection vulnerability...
VulnCheck KEV: CVE-2022-42852
The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory...
Microsoft Windows Defender 安全漏洞
Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A security vulnerability exists in Microsoft Windows Defender Credential Guard. The following products and editions are affected:Windows 10 Version 21H1 for x64-based Systems,Windows 10...