554 matches found
CVE-2024-44210
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...
CVE-2024-44210
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...
CVE-2024-44210
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...
CVE-2024-44210
CVE-2024-44210 is a macOS Sequoia vulnerability affecting StorageKit where an app may be able to access user-sensitive data due to insufficient permissions checks. The issue is fixed in macOS Sequoia 15.1. Affected product context from connected docs confirms the CVE is addressed by an OS update;...
CVE-2025-41078
Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the...
CVE-2025-65784
Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request...
CVE-2025-41078
Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the...
CVE-2025-41078
Viafirma Documents v3.7.129 is affected by an authorization weakness that allows an authenticated, unprivileged user to enumerate and access other users’ data, use user-management features (creation, modification, deletion), and escalate privileges by impersonating other users during document gen...
CVE-2023-40428
The issue was addressed with improved handling of caches. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to access sensitive user data...
CVE-2022-26694
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application's permissions and access user data...
CVE-2017-18680
An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 tablets software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 March 2017...
CVE-2019-18345
A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If the user is an...
Langflow Missing Authentication on Critical API Endpoints
Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...
CVE-2025-46292
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access user-sensitive data...
CVE-2025-46292
CVE-2025-46292 affects Apple iOS/iPadOS prior to versions 26.2 and 18.7.3, respectively. The issue arose from insufficient entitlement checks that could allow a malicious app to access user‑sensitive data. Apple fixed this in iOS 26.2 and iPadOS 26.2, and in iOS 18.7.3 and iPadOS 18.7.3. Remediat...
CVE-2025-43522
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data...
CVE-2025-43522
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to access user-sensitive data...
EUVD-2025-203131
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access user-sensitive data...
CVE-2025-43522
CVE-2025-43522 is a downgrade issue affecting Intel-based Mac computers. The vulnerability arises in macOS with a downgrade path that was addressed by adding code‑signing restrictions, and is fixed in macOS Tahoe 26.2 and macOS Sequoia 15.7.3. An app may be able to access user‑sensitive data due ...
CVE-2025-43522
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data...