660 matches found
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...
CVE-2026-48507
Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user holding only the granular users.edit permission to lock every admin out of the instance by editing the activated flag which determines whether or not a user can login and the...
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2026-28929
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...
EUVD-2025-210014
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2025-48616
CVE-2025-48616 affects a component in KeyguardViewMediator.java, enabling a bypass of lockdown mode via screen pinning due to a logic error. This can lead to local information disclosure without requiring exploitation privileges or user interaction. Document does not specify affected product vers...
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
CVE-2025-48616
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
ASB-A-438973280
In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fixed the unconditional use of the securitylockeddown function. Currently, the lockdown state is queried unconditionally, even though its result is only used if the PERFSAMPLEREGSINTR bit is set in attr.sampletype. Whi...
EUVD-2026-29246
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...
CVE-2026-28929
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...
CVE-2026-28929
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...
CVE-2026-28929
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...
CVE-2026-28929
CVE-2026-28929 describes a logic issue in Apple’s Mail app related to Lockdown Mode, where replying to an email could cause remote images to be displayed. The problem is fixed in software updates: iOS 18.7.9, iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5. The conn...
PT-2026-39789
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017485)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017485 advisory. A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, if the IMA appraisal method is used with the “imaappraiselog” boot parameter, lockdown can be circumvented using kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents the “imaappraiselog” parameter from being set during boot, but this does not cover...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The rcubarrier function was called in ksmbdserverexit. The bug is triggered due to racing between closing a connection and the rmmod operation. In ksmbd, rcubarrier is not called at the time of module unloading, so nothing...