559 matches found
CVE-2026-20645
CVE-2026-20645: An inconsistency in the user interface was mitigated by changes to state management. Affected product classes are Apple iOS and iPadOS, with fixes in iOS 26.3 / iPadOS 26.3 and iOS 18.7.5 / iPadOS 18.7.5. The description indicates that an attacker with physical access to a locked ...
CVE-2026-20645
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information...
CVE-2026-20645
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information...
CVE-2026-20640
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac...
CVE-2026-20640
An inconsistency in the iOS/iPadOS user interface, fixed by improved state management, could allow a person with physical access to take and view screenshots during iPhone Mirroring with Mac. The CVE notes this is resolved in iOS 26.3 / iPadOS 26.3. Affected products are iPhone and iPad platforms...
CVE-2025-64487 Outline is vulnerable to privilege escalation vulnerability in document sharing
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in...
PT-2026-7772
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 26.3; iPadOS versions prior to 26.3. Description: An inconsistent user interface issue existed due to improved state management. An attacker with physical access to an iPhone could potentially take and view screenshots of...
CVE-2026-25561
WeKan versions prior to 8.19 are affected by an authorization weakness in the attachment upload API. The endpoint does not fully validate that identifiers such as boardId, cardId, swimlaneId, and listId consistently refer to a coherent card/board relationship, enabling attachments to be uploaded ...
NanoMQ code issue vulnerability
NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Version 0.24.6 of NanoMQ contains a code vulnerability that stems from inconsistent protocol parsing or forwarding during the handling of shared subscriptions. This vulnerability may lead to remote crashes...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an uncontrolled usage method, potentially leading to inconsistent queue states...
CVE-2026-24007 Tuleap is missing CSRF protection in the Overview inconsistent items
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap is missing CSRF protection in the Overview inconsistent items. An attacker could use this vulnerability to trick victims into repairing inconsistent items creating artifact links from the release. This...
PT-2026-5715
Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 17.0.99.1768924735; Tuleap Enterprise Edition versions 17.2-5, 17.1-6, and 17.0-9. Description: Tuleap lacks CSRF protection in the Overview inconsistent items feature. An attacker could exploit this to...
ROS-20260129-73-0081
Vulnerability in gitea related to inconsistent responses to incoming requests. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
CVE-2025-12810
Improper Authentication vulnerability in Delinea Inc. Secret Server On-Prem RPC Password Rotation modules. This issue affects Secret Server On-Prem: 11.8.1, 11.9.6, 11.9.25. A secret with "change password on check in" enabled automatically checks in even when the password change fails after reachi...