CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 3 days ago•4 views

CVE-2025-48616

3.3CVSS0.00004EPSS

Cvelist•added 3 days ago•22 views

CVE-2025-48616

0.00004EPSS

CVE•added 3 days ago•4 views

CVE-2025-48616

CVE-2025-48616 affects a component in KeyguardViewMediator.java, enabling a bypass of lockdown mode via screen pinning due to a logic error. This can lead to local information disclosure without requiring exploitation privileges or user interaction. Document does not specify affected product vers...

3.3CVSS5.9AI score0.00004EPSS

Exploits0References1Affected Software1

Vulnrichment•added 3 days ago•7 views

CVE-2025-48616

5.9AI score0.00004EPSS

OSV•added 3 days ago•2 views

ASB-A-438973280

3.3CVSS5.9AI score0.00004EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The rcubarrier function was called in ksmbdserverexit. The bug is triggered due to racing between closing a connection and the rmmod operation. In ksmbd, rcubarrier is not called at the time of module unloading, so nothing...

5.5CVSS5.9AI score0.0006EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•11 views

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...

7.5CVSS6.9AI score0.01884EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, if the IMA appraisal method is used with the “imaappraiselog” boot parameter, lockdown can be circumvented using kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents the “imaappraiselog” parameter from being set during boot, but this does not cover...

6.7CVSS6.5AI score0.0007EPSS

EUVD•added 2026/05/11 9:31 p.m.•3 views

EUVD-2026-29246

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Replying to an email could display remote images in Mail in Lockdown Mode...

5.8AI score0.00042EPSS

Exploits0References5

NVD•added 2026/05/11 9:18 p.m.•3 views

CVE-2026-28929

7.5CVSS0.00042EPSS

Cvelist•added 2026/05/11 8:8 p.m.•18 views

CVE-2026-28929

0.00042EPSS

CVE•added 2026/05/11 8:8 p.m.•7 views

CVE-2026-28929

CVE-2026-28929 describes a logic issue in Apple’s Mail app related to Lockdown Mode, where replying to an email could cause remote images to be displayed. The problem is fixed in software updates: iOS 18.7.9, iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5. The conn...

7.5CVSS5.8AI score0.00042EPSS

Exploits0References4Affected Software3

Vulnrichment•added 2026/05/11 8:8 p.m.•3 views

CVE-2026-28929

5.8AI score0.00042EPSS

Positive Technologies•added 2026/05/11 12:0 a.m.•3 views

PT-2026-39789

5.8AI score0.00042EPSS

Tenable Nessus•added 2026/05/11 12:0 a.m.•2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017485)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017485 advisory. A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an...

7.5CVSS5.9AI score0.01884EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fixed the unconditional use of the securitylockeddown function. Currently, the lockdown state is queried unconditionally, even though its result is only used if the PERFSAMPLEREGSINTR bit is set in attr.sampletype. Whi...

3.3CVSS6.4AI score0.00019EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. The dump command of grub is not blocked when grub is in lockdown mode, which allows the user to read any memory information. An attacker could exploit this vulnerability to extract signatures, salts, and other sensitive information from the memory...

4.4CVSS6.6AI score0.00017EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: dynevent – Added a missing lockdown check to dynevent. Since the dynamicevents interface on tracefs is compatible with kprobeevents and uprobeevents, it should also check the lockdown status and reject any cases where...

7AI score0.00063EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

KGDB and KDB allow read and write access to kernel memory, and therefore should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger, so it is important that the debugger respects the lockdown mode when/if it is triggered. CVSS 3.1 Base Score: 6.7...

6.7CVSS6.8AI score0.00178EPSS