EUVD-2026-28587

SEPPmail Secure Email Gateway before version 15.0.4 contains an unauthenticated path traversal vulnerability in the identifier parameter of /api.app/attachment/preview that allows remote attackers to read arbitrary local files and trigger deletion of files in the targeted directory with the...

CVE-2025-14714

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

CVE-2025-48594

In onUidImportance of DisassociationProcessor.java, there is a possible way to retain companion application privileges after disassociation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed...

CVE-2025-48594

In onUidImportance of DisassociationProcessor.java, there is a possible way to retain companion application privileges after disassociation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed...

CVE-2025-21080

Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege...

EUVD-2024-25015

Malicious code in bioql PyPI...

CVE-2025-43207

This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data...

CVE-2017-13311

In the read function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interactio...

PT-2024-22077 · Apple · Macos Sonoma +1

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.5 Description: A logic issue was addressed with improved checks, which may allow an app to elevate privileges. The issue is fixed in macOS Sonoma 14.5. Recommendations: For versions prior to 14.5, update to...

macOS 12.x < 12.7.3 Multiple Vulnerabilities (HT214057)

The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.7.3. It is, therefore, affected by multiple vulnerabilities: - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2,...

Huawei HarmonyOS 路径遍历漏洞

Huawei HarmonyOS is an operating system from Huawei, China. A security vulnerability exists in a component of Huawei HarmonyOS, which provides a microkernel-based, fully-scoped distributed operating system. An attacker can exploit the vulnerability to write files arbitrarily with systemapp...

Huawei HarmonyOS 路径遍历漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. A security vulnerability exists in Huawei HarmonyOS, which provides a microkernel-based, fully-scoped distributed operating system. An attacker can exploit the vulnerability to write files with systemapp privileges...

Huawei Smartphone 代码注入漏洞

Huawei Smartphone is a smartphone from Huawei, a Chinese company. Huawei Smartphone suffers from a code injection vulnerability. An attacker can exploit this vulnerability to delete arbitrary files via systemapp privileges...

FiberHome Fiberhome AN5506-04-F Cross-Site Scripting Vulnerability

FiberHome Fiberhome AN5506-04-F is a router from China FiberHome. A cross-site scripting vulnerability exists in the Fiberhome AN5506-04-F RP2669 version, which originates from the program failing to properly filter user input. A remote attacker could exploit this vulnerability to run malicious...