Lucene search
K

124 matches found

NVD
NVD
added 2024/07/29 11:15 p.m.16 views

CVE-2024-40833

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user...

6.2CVSS0.00296EPSS
Exploits0References16
OSV
OSV
added 2024/07/29 11:15 p.m.5 views

CVE-2024-40833

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user...

5.5CVSS5.7AI score0.00296EPSS
Exploits0References12
CVE
CVE
added 2024/07/29 10:17 p.m.55 views

CVE-2024-40833

CVE-2024-40833 is a logic-issue vulnerability fixed by Apple in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8, and iOS/iPadOS 16.7.9. The issue allows a Shortcut to access sensitive data from certain actions without user prompts. The description notes improved checks as the fix. ...

6.2CVSS5.8AI score0.00296EPSS
Exploits0References16Affected Software3
CVE
CVE
added 2024/07/29 10:17 p.m.65 views

CVE-2024-40835

CVE-2024-40835 concerns a logic issue in Apple’s Shortcuts feature where a shortcut could access sensitive data with certain actions without prompting. Affected platforms include iOS 16.7.9 and iPadOS 16.7.9; iOS 17.6 and iPadOS 17.6; macOS Ventura 13.6.8; macOS Monterey 12.7.6; macOS Sonoma 14.6...

5.5CVSS5.8AI score0.00311EPSS
Exploits0References24Affected Software4
Vulnrichment
Vulnrichment
added 2024/07/29 10:16 p.m.21 views

CVE-2024-40836

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, watchOS 10.6. A shortcut may be able to use sensitive data with certain actions without prompting the user...

5.8AI score0.00555EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/29 10:16 p.m.13 views

CVE-2024-40807

A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user...

5.8AI score0.0023EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/29 10:16 p.m.21 views

CVE-2024-40807

A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A shortcut may be able to use sensitive data with certain actions without prompting the user...

0.0023EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.4 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS before version 16.7.9 and iPadOS before version 16.7.9, which stems from a...

5.5CVSS6.1AI score0.00311EPSS
Exploits0References7
OSV
OSV
added 2024/06/10 9:15 p.m.4 views

CVE-2024-27855

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A shortcut may be able to use sensitive data with certain actions without prompting the user...

8.8CVSS5.7AI score0.00718EPSS
Exploits0References8
NVD
NVD
added 2024/06/10 9:15 p.m.21 views

CVE-2024-27855

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, macOS Ventura 13.6.7. A shortcut may be able to use sensitive data with certain actions without prompting the user...

8.8CVSS0.00718EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2024/04/10 1:4 a.m.20 views

CVE-2023-6236 Eap: oidc app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

7.3CVSS6.9AI score0.00328EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/04/10 1:4 a.m.37 views

CVE-2023-6236 Eap: oidc app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

7.3CVSS7.1AI score0.00328EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/03/21 3:50 a.m.4 views

SUSE CVE-2024-2611

A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

5.9CVSS8.4AI score0.00609EPSS
Exploits1References7
Prion
Prion
added 2024/02/05 5:15 p.m.26 views

Code injection

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content...

5.8CVSS7.2AI score0.00305EPSS
Exploits1References1
NVD
NVD
added 2024/01/23 1:15 a.m.17 views

CVE-2024-23204

The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain actions without...

7.5CVSS6.6AI score0.01789EPSS
Exploits0References18
Cvelist
Cvelist
added 2024/01/23 12:25 a.m.19 views

CVE-2024-23203

The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user...

6.7AI score0.00918EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/22 12:0 a.m.2 views

PT-2024-1807 · Apple · Macos Sonoma +3

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.3 iOS versions prior to 17.3 iPadOS versions prior to 17.3 Description: The issue is related to errors in processing permissions in the Shortcuts component of iOS, macOS, and iPadOS operating systems. This ma...

7.8CVSS6.2AI score0.00918EPSS
Exploits0References19
0day.today
0day.today
added 2024/01/21 12:0 a.m.287 views

Firefox 121 / Chrome 120 Denial Of Service Exploit

Minor firefox DoS - semi silently polluting /Downloads with files part 2 Tested on: firefox 121 and chrome 120 on GNU/linux Date: Thu Jan 18 08:38:28 AM UTC 2024 This is barely a DoS, but since it might affect Chrome too we decided to disclose it. If firefox user visits a specially crafted page,...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/14 3:53 p.m.42 views

libreoffice: Remote documents loaded without prompt via IFrame

A vulnerability was found in LibreOffice. Improper access control in the editor components of The Document Foundation in LibreOffice allows an attacker to craft a document that causes external links to load without a prompt. In the affected versions of LibreOffice documents that used "floating...

5.3CVSS5.8AI score0.02244EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2023/11/07 8:29 a.m.53 views

libreoffice: Remote documents loaded without prompt via IFrame

A vulnerability was found in LibreOffice. Improper access control in the editor components of The Document Foundation in LibreOffice allows an attacker to craft a document that causes external links to load without a prompt. In the affected versions of LibreOffice documents that used "floating...

5.3CVSS5.8AI score0.02244EPSS
Exploits2References5
Rows per page
Query Builder