Lucene search
K

554 matches found

RedhatCVE
RedhatCVE
added 2026/01/17 5:19 p.m.11 views

CVE-2024-44210

This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...

3.3CVSS6.1AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 6:16 p.m.9 views

CVE-2024-44210

This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...

3.3CVSS0.0016EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/16 5:6 p.m.3 views

CVE-2024-44210

This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...

3.3CVSS5.4AI score0.0016EPSS
Exploits0References2
CVE
CVE
added 2026/01/16 5:6 p.m.290 views

CVE-2024-44210

CVE-2024-44210 is a macOS Sequoia vulnerability affecting StorageKit where an app may be able to access user-sensitive data due to insufficient permissions checks. The issue is fixed in macOS Sequoia 15.1. Affected product context from connected docs confirms the CVE is addressed by an OS update;...

3.3CVSS5.7AI score0.0016EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.5 views

CVE-2025-41078

Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the...

8.7CVSS7AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 12:0 a.m.26 views

CVE-2025-65784

Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows authenticated attackers with low-level privileges to access other users' information via a crafted API request...

0.00306EPSS
Exploits1References1
OSV
OSV
added 2026/01/12 3:16 p.m.4 views

CVE-2025-41078

Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the...

8.1CVSS5.8AI score0.00205EPSS
Exploits0References1
CVE
CVE
added 2026/01/12 2:59 p.m.21 views

CVE-2025-41078

Viafirma Documents v3.7.129 is affected by an authorization weakness that allows an authenticated, unprivileged user to enumerate and access other users’ data, use user-management features (creation, modification, deletion), and escalate privileges by impersonating other users during document gen...

8.7CVSS6.6AI score0.00205EPSS
Exploits0References1Affected Software2
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.11 views

CVE-2023-40428

The issue was addressed with improved handling of caches. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to access sensitive user data...

5.5CVSS5.5AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.5 views

CVE-2022-26694

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application's permissions and access user data...

9.1CVSS5.8AI score0.00856EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.8 views

CVE-2017-18680

An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 tablets software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 March 2017...

7.1CVSS7AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.9 views

CVE-2019-18345

A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the name of the user. If the user is an...

9.3CVSS6.1AI score0.02242EPSS
Exploits4References1
Github Security Blog
Github Security Blog
added 2026/01/02 9:11 p.m.13 views

Langflow Missing Authentication on Critical API Endpoints

Summary Multiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal dat...

9.3CVSS7.3AI score0.20655EPSS
Exploits1References5Affected Software2
Vulnrichment
Vulnrichment
added 2025/12/17 8:46 p.m.10 views

CVE-2025-46292

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access user-sensitive data...

5.8AI score0.00115EPSS
Exploits0References2
CVE
CVE
added 2025/12/17 8:46 p.m.27 views

CVE-2025-46292

CVE-2025-46292 affects Apple iOS/iPadOS prior to versions 26.2 and 18.7.3, respectively. The issue arose from insufficient entitlement checks that could allow a malicious app to access user‑sensitive data. Apple fixed this in iOS 26.2 and iPadOS 26.2, and in iOS 18.7.3 and iPadOS 18.7.3. Remediat...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2025/12/13 10:0 p.m.5 views

CVE-2025-43522

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data...

3.3CVSS5.8AI score0.00113EPSS
Exploits0References1
OSV
OSV
added 2025/12/12 9:15 p.m.5 views

CVE-2025-43522

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to access user-sensitive data...

3.3CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 2025/12/12 8:57 p.m.5 views

EUVD-2025-203131

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3. An app may be able to access user-sensitive data...

5.8AI score0.00113EPSS
Exploits0References2
CVE
CVE
added 2025/12/12 8:57 p.m.17 views

CVE-2025-43522

CVE-2025-43522 is a downgrade issue affecting Intel-based Mac computers. The vulnerability arises in macOS with a downgrade path that was addressed by adding code‑signing restrictions, and is fixed in macOS Tahoe 26.2 and macOS Sequoia 15.7.3. An app may be able to access user‑sensitive data due ...

3.3CVSS5.8AI score0.00113EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/12 8:57 p.m.25 views

CVE-2025-43522

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data...

0.00113EPSS
Exploits0References2
Rows per page
Query Builder