Lucene search
K

24 matches found

RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.12 views

CVE-2026-28971

The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...

4.3CVSS5.8AI score0.00296EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 9:31 p.m.10 views

EUVD-2026-29272

The issue was addressed with improved UI handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...

5.8AI score0.00296EPSS
Exploits0References4
NVD
NVD
added 2026/05/11 9:18 p.m.11 views

CVE-2026-28971

The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...

4.3CVSS0.00296EPSS
Exploits0References4
CVE
CVE
added 2026/05/11 8:8 p.m.16 views

CVE-2026-28971

CVE-2026-28971 affects Apple platforms via improper UI handling that can be exploited by a malicious iframe to leverage a website’s download settings. Concrete details across connected sources indicate fixes are delivered in iOS 26.5, iPadOS 26.5, macOS Tahoe 26.5, and visionOS 26.5. The vulnerab...

4.3CVSS5.8AI score0.00296EPSS
Exploits0References4Affected Software4
Vulnrichment
Vulnrichment
added 2026/05/11 8:8 p.m.7 views

CVE-2026-28971

The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...

5.8AI score0.00296EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/11 8:8 p.m.10 views

CVE-2026-28971

The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...

4.3CVSS5.8AI score0.00296EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/11 8:8 p.m.31 views

CVE-2026-28971

The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...

0.00296EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.10 views

PT-2026-39815

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5 iPadOS versions prior to 26.5 macOS Tahoe versions prior to 26.5 visionOS versions prior to 26.5 Description A malicious iframe may use another website’s download settings. This issue was addressed through improved U...

4.3CVSS5.8AI score0.00296EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

4.3CVSS5.8AI score0.00296EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-3383

Malware in sbrugna...

4.3CVSS4.8AI score0.01275EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-30563

Malware in sbrugna...

4.3CVSS5AI score0.00838EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-34574

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00645EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:49 p.m.6 views

CVE-2021-4375

The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the uscesdownloadsysteminformation function in versions up to, and including, 2.2.7. This makes it possible for authenticated attackers to download information including WordPres...

4.3CVSS5.9AI score0.0061EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.11 views

CVE-2021-24773

The WordPress Download Manager WordPress plugin before 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.7AI score0.02774EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2023/08/04 1:15 a.m.6 views

CVE-2023-30146

Assmann Digitus Plug&View IP Camera HT-IP211HDP, version 2.000.022 allows unauthenticated attackers to download a copy of the camera's settings and the administrator credentials...

7.5CVSS7.1AI score0.00645EPSS
Exploits2References3
Prion
Prion
added 2023/08/04 1:15 a.m.18 views

Command injection

Assmann Digitus Plug&View IP Camera HT-IP211HDP, version 2.000.022 allows unauthenticated attackers to download a copy of the camera's settings and the administrator credentials...

5CVSS7.5AI score0.00645EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2023/06/07 2:15 a.m.4 views

CVE-2021-4375

The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the uscesdownloadsysteminformation function in versions up to, and including, 2.2.7. This makes it possible for authenticated attackers to download information including WordPres...

4.3CVSS5.8AI score0.0061EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.5 views

PT-2023-12486 · WordPress · Welcart E-Commerce

Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce plugin for WordPress versions up to, and including, 2.2.7 Description: The issue allows authenticated attackers to bypass authorization and download sensitive information, including WordPress settings, plugin settings, PHP...

4.3CVSS4.6AI score0.0061EPSS
Exploits1References4
OSV
OSV
added 2020/04/01 6:15 p.m.5 views

CVE-2020-9784

A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1. A malicious iframe may use another website’s download settings...

4.3CVSS6AI score
Exploits0References1
NVD
NVD
added 2020/04/01 6:15 p.m.23 views

CVE-2020-9784

A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1. A malicious iframe may use another website’s download settings...

4.3CVSS3.9AI score0.00838EPSS
Exploits0References1
Rows per page
Query Builder