Lucene search
K

17350 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.4 views

CVE-2026-20618

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data...

5.5CVSS5.4AI score0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.22 views

CVE-2026-20618

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data...

0.00129EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 10:58 p.m.13 views

CVE-2026-20618

CVE-2026-20618 affects macOS Tahoe prior to 26.3, where improper handling of temporary files could allow an app to access user‑sensitive data. The issue is fixed in macOS Tahoe 26.3. Affected documentation consistently notes improved handling of temporary files as the remediation. No exploitation...

5.5CVSS5.4AI score0.00129EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.22 views

CVE-2025-43417

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.2. An app may be able to access user-sensitive data...

0.00231EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.3 views

CVE-2025-43403

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26. An app may be able to access sensitive user data...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.5 views

CVE-2026-20627

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3, watchOS 26.3. An app may be able to access sensitive user data...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References6
NVD
NVD
added 2026/02/11 1:15 p.m.10 views

CVE-2025-57713

A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later...

7.5CVSS0.00512EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.3 views

CVE-2025-54169

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later...

6.5CVSS5.8AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.7 views

CVE-2025-57707

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

8.8CVSS0.00655EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.3 views

CVE-2025-30269

A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync...

8.1CVSS0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 12:17 p.m.11 views

CVE-2025-54170

CVE-2025-54170 describes an out-of-bounds read in Qsync Central that can be exploited by a remote attacker who has a user account to access secret data. Affected: Qsync Central; vulnerability type is out-of-bounds read in the affected component. Impact is confidentiality of secret data; attack re...

7.1CVSS5.5AI score0.00492EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:17 p.m.4 views

CVE-2025-57707

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

4.8CVSS5.7AI score0.00655EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/11 12:17 p.m.16 views

CVE-2025-57707

CVE-2025-57707 affects QNAP File Station 5. The vulnerability is described as an improper neutralization of directives in statically saved code (Static Code Injection) that could allow a remote attacker with a user account to access restricted data/files. The Red Hat, NVD, OSV, and related source...

8.8CVSS5.7AI score0.00655EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:26 a.m.3 views

CVE-2026-1748

The Invoct – PDF Invoices & Billing for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, with Subscriber-level access...

4.3CVSS5.5AI score0.00309EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.3 and earlier contained a security vulnerability. This vulnerability stemmed from parsing issues with directory path handling, which could allow applications t...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/11 12:0 a.m.22 views

CVE-2025-70084

Directory traversal vulnerability in OpenSatKit 2.2.1 allows attackers to gain access to sensitive information or delete arbitrary files via crafted value to the FileUtilGetFileInfo function...

0.00759EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.7 views

PT-2026-7757

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sequoia 15.7.4 macOS versions prior to Tahoe 26.3 Description A logging issue allowed an application to potentially access sensitive user data due to insufficient data redaction. Recommendations Update to macOS Sequoia...

5.5CVSS5.4AI score0.00131EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:0 a.m.3 views

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

5.3AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2026/02/11 12:0 a.m.18 views

CVE-2025-70084

OpenSatKit 2.2.1 is affected by a directory traversal vulnerability in the FileUtil_GetFileInfo function, allowing an attacker to access sensitive information or delete files via a crafted value. The CVE entry and Red Hat/NVD/CIRCL attestations confirm the affected product/version and the underly...

7.5CVSS5.7AI score0.00759EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7802

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.3 macOS versions prior to Sonoma 14.8.4 macOS versions prior to Sequoia 15.7.4 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 iOS versions prior to 26.3 iPadOS versions prior to 26.3 Description A...

5.3AI score0.00123EPSS
Exploits0References8
Rows per page
Query Builder