CVE-2026-44925

Cross-Site Request Forgery CSRF vulnerability in InfoScale v.9.1.3 Operations Manager VIOM allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge...

CVE-2025-43446

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to modify protected parts of the file system...

EUVD-2016-2855

Malware in sbrugna...

EUVD-2023-42401

Malicious code in bioql PyPI...

PT-2026-43419

Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7 macOS Sonoma versions prior to 14.8 macOS Tahoe versions prior to 26 Description A permissions issue exists where an application may be able to modify protected parts of the file system. Recommendations...

CVE-2019-15358

The Dexp Z250 Android device with a build fingerprint of DEXP/Z250/Z250:8.1.0/O11019/1531130719:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system propert...

CVE-2025-31187

CVE-2025-31187 affects macOS releases and was mitigated by removing the vulnerable code. The issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The vulnerability could allow an app to modify protected parts of the file system. According to the CVE, the attack vec...

CVE-2024-54560

A logic issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, watchOS 11. A malicious app may be able to modify other apps without having App Management permission...

CVE-2024-54560

CVE-2024-54560 is a logic issue addressed by Apple across multiple platforms. According to connected sources, the vulnerability could allow a malicious application to modify other apps without the App Management permission. The fix is included in macOS Sequoia 15, iOS 18, iPadOS 18, watchOS 11, a...

CVE-2024-44243

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2. An app may be able to modify protected parts of the file system...

CVE-2024-44196

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to modify protected parts of the file system...

CVE-2024-40843

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to modify protected parts of the file system...

CVE-2024-23269

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system...

CVE-2023-42859

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system...

CVE-2023-38607

The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14. An app may be able to modify Printer settings...

CVE-2023-38564

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system...

CVE-2023-38564

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system...

Design/Logic Flaw

This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a...

CVE-2019-15383

The Allview X5 Android device with a build fingerprint of ALLVIEW/X5SoulMini/X5SoulMini:8.1.0/O11019/1522468763:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...

CVE-2019-15359

The CVE-2019-15359 entry concerns Haier A6 Android devices with build fingerprint Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys and a pre-installed app (package com.mediatek.wfo.impl, versionCode 27, versionName 8.1.0). The vulnerability arises because any co-located app can modify a...