Unspecified Vulnerability in Apple macOS Tahoe (CNVD-2026-19035)

Apple macOS Tahoe is an operating system from the American company Apple. A security vulnerability exists in Apple macOS Tahoe, which stems from a directory path resolution issue that can be exploited by attackers to cause an application to access sensitive user data...

CVE-2019-18339

A vulnerability has been identified in SiNVR/SiVMS Video Server All versions V5.0.0. The HTTP service default port 5401/tcp of the SiVMS/SiNVR Video Server contains an authentication bypass vulnerability, even when properly configured with enforced authentication. A remote attacker with network...

CVE-2025-21073

Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability...

CVE-2025-21073

Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability...

CVE-2025-21073

CVE-2025-21073 describes an insecure default configuration in USB connection mode before Samsung SMR Nov-2025 Release 1. This allows a privileged physical attacker to access user data on affected devices. Exploitation requires physical access and user interaction. Impact is data confidentiality l...

CVE-2025-41338

The CVE CVE-2025-41338 affects CanalDenuncia.app with a missing/intheory lack of authorization vulnerability. Multiple connected sources (NVD, Red Hat CVE, CNVD, CIRCL, CNNVD, EUVD, VULNRICHMENT, CVE List entry) describe an information disclosure via improper authorization checks when sending a P...

CVE-2025-43396

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A sandboxed app may be able to access sensitive user data...

EUVD-2020-19522

Malware in sbrugna...

EUVD-2022-49125

Malicious code in bioql PyPI...

CVE-2021-29437

ScratchOAuth2 is an Oauth implementation for Scratch. Any ScratchOAuth2-related data normally accessible and modifiable by a user can be read and modified by a third party. 1. Scratch user visits 3rd party site. 2. 3rd party site asks user for Scratch username. 3. 3rd party site pretends to be us...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems from the U.S.-based Apple Inc. developed specifically for Mac computers. A security vulnerability exists in Apple macOS Sequoia, which stems from an injection issue that could cause an application to access sensitive user data...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia, which stems from improper handling of symbolic links and could cause an application to access protected user data...

CVE-2024-54477

CVE-2024-54477 affects macOS Sequoia 15.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2. The issue is described as an access to user-sensitive data via a local issue with high confidentiality impact, low attack complexity, and no user interaction required (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/...

Apple Xcode 安全漏洞

Apple Xcode is a set of integrated development environments provided to developers by Apple Inc. in the United States, which is primarily used to develop applications for Mac OS X and iOS. A security vulnerability exists in Apple Xcode version 16, which originates from an application that may be...

Incorrect Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization due to improper handling of authorization logic. An attacker can bypass security measures and access sensitive user data without requiring user...

CVE-2022-22328

IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another users data. IBM X-Force ID: 218871...

CVE-2022-22650

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A plug-in may be able to inherit the application's permissions and access user data...

Palm Zhenyi app design loophole

Palm ZJI APP is a mobile application developed by the First Hospital Affiliated to Zhejiang University School of Medicine ZJU-S1 to alleviate the tediousness of traditional medical consultation time. A design vulnerability exists in the Palm ZJI App. An attacker can bypass the check by constructi...