CVE-2025-46278

The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data...

CVE-2025-43475

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data...

CVE-2025-43475

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data...

CVE-2025-46292

CVE-2025-46292 affects Apple iOS/iPadOS prior to versions 26.2 and 18.7.3, respectively. The issue arose from insufficient entitlement checks that could allow a malicious app to access user‑sensitive data. Apple fixed this in iOS 26.2 and iPadOS 26.2, and in iOS 18.7.3 and iPadOS 18.7.3. Remediat...

CVE-2025-46292

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access user-sensitive data...

CVE-2025-46283

CVE-2025-46283 describes a logic issue resolved by improved validation in macOS Tahoe 26.2. The available descriptions indicate that, prior to the fix, an app may be able to access sensitive user data. References across Red Hat, NVD, CIRCL, and Apple security content consistently link the issue t...

CVE-2025-46283

A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may be able to access sensitive user data...

CVE-2025-46283

A logic issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.2. An app may be able to access sensitive user data...

CVE-2025-34441

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabling user enumeration and privacy violations...

CVE-2025-34441 AVideo < 20.1 User Information Disclosure via Public API

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabling user enumeration and privacy violations...

CVE-2025-34441

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabling user enumeration and privacy violations...

CVE-2025-34441 AVideo < 20.1 User Information Disclosure via Public API

AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, enabling user enumeration and privacy violations...

CVE-2025-12809

The Dokan Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /dokan/v1/wholesale/register REST API endpoint in all versions up to, and including, 4.1.3. This makes it possible for unauthenticated attackers to enumerate users and retrieve...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Tahoe versions prior to 26.2, which stems from improper handling of cache and could cause an application to access protected user...

AVideo 安全漏洞

AVideo is an open source broadcast network creation tool from World Wide Broadcast Network. A security vulnerability exists in AVideo versions prior to 20.0 that stems from an unauthenticated public API endpoint exposing sensitive user information, which could lead to user enumeration and privacy...

PT-2025-51914

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.2 iPadOS versions prior to 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 Description An application may be able to access user-sensitive data due to insufficient entitlement checks. Recommendations...

PT-2025-51979

Name of the Vulnerable Software and Affected Versions ZZCMS version 2025 Description A security issue exists in ZZCMS 2025 related to the User Data Storage Module. A flaw within the /reg/user save.php file results in the storage of data in cleartext on a file or disk. Remote exploitation is...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS, which arises from insufficient privilege checking and...

CVE-2025-12809

The Dokan Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /dokan/v1/wholesale/register REST API endpoint in all versions up to, and including, 4.1.3. This makes it possible for unauthenticated attackers to enumerate users and retrieve...

CVE-2025-12809 dokan pro <= 4.1.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The Dokan Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /dokan/v1/wholesale/register REST API endpoint in all versions up to, and including, 4.1.3. This makes it possible for unauthenticated attackers to enumerate users and retrieve...