Lucene search
K

13696 matches found

redhatcve
redhatcve
added 2026/05/13 8:21 a.m.15 views

CVE-2026-28923

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

8.8CVSS5.8AI score0.00154EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/13 12:0 a.m.10 views

Palo Alto Networks Prisma Browser 安全漏洞

Palo Alto Networks Prisma Browser is an enterprise-level security browser developed by Palo Alto Networks. There is a security vulnerability in Palo Alto Networks Prisma Browser for macOS. This vulnerability stems from improper alternative path protection, which fails to properly restrict access ...

7.3CVSS5.8AI score0.00149EPSS
Exploits0References1
euvd
euvd
added 2026/05/11 9:31 p.m.9 views

EUVD-2026-29236

A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks...

5.8AI score0.00136EPSS
Exploits0References2
nvd
nvd
added 2026/05/11 9:19 p.m.13 views

CVE-2026-39871

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data...

7.5CVSS0.00311EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/05/11 8:8 p.m.9 views

CVE-2026-28946

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...

5.8AI score0.00393EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/11 8:8 p.m.19 views

CVE-2026-28913

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

7.5CVSS5.8AI score0.00326EPSS
Exploits0References6
cvelist
cvelist
added 2026/05/11 8:7 p.m.34 views

CVE-2026-28915

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to gain root privileges...

0.00178EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/11 12:0 a.m.17 views

PT-2026-39790

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...

5.8AI score0.00302EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/11 12:0 a.m.11 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

6.5CVSS5.8AI score0.00453EPSS
Exploits1References2
nessus
nessus
added 2026/05/11 12:0 a.m.13 views

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017594)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017594 advisory. libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the CURLOPTSSLCERT option --cert with the command li...

7.5CVSS6.5AI score0.0982EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2026/05/06 7:16 p.m.7 views

CVE-2026-7957

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00291EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2026/05/06 6:13 p.m.6 views

CVE-2026-8001

Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

8.3CVSS5.3AI score0.00178EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.10 views

PT-2026-37852

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS7.2AI score0.0038EPSS
Exploits0References6
nessus
nessus
added 2026/05/01 12:0 a.m.10 views

Wireshark 2.0.x < 2.0.13 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.13 advisory. - In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed i...

7.8CVSS5.9AI score0.03436EPSS
Exploits0References31
nessus
nessus
added 2026/05/01 12:0 a.m.4 views

Wireshark 1.12.x < 1.12.13 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 1.12.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.12.13 advisory. - The NDS dissector could crash. It may be possible to make Wireshark crash by injecting a malformed...

5.8AI score
Exploits0References17
packetstorm
packetstorm
added 2026/04/23 12:0 a.m.91 views

📄 Forcepoint One Endpoint macOS 25.08.5008 Forcepoint DLP Endpoint Process Suspension Bypass

This Metasploit auxiliary module targets Forcepoint Data Loss Prevention DLP Endpoint on macOS and attempts to manipulate or suspend related security processes. ================================================================================================================================== | Tit...

5.8AI score
Exploits0
nessus
nessus
added 2026/04/21 12:0 a.m.3 views

Mozilla Firefox < 150.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 150.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-30 advisory. - Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability w...

9.8CVSS6.2AI score0.04938EPSS
Exploits1References44
ptsecurity
ptsecurity
added 2026/04/16 12:0 a.m.12 views

PT-2026-37124

Name of the Vulnerable Software and Affected Versions electerm versions prior to 3.3.8 Description A command injection issue exists in the runMac function within the file github.com/elcterm/electerm/npm/install.js:150. The function appends the remote releaseInfo.name variable, which can be...

9.8CVSS6AI score0.01572EPSS
Exploits0References11
osv
osv
added 2026/04/14 9:19 p.m.8 views

MAL-2026-2669 Malicious code in ant-mcp-proxy-for-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 51df3beb4457da4a841727c91a2517ba5727c841c08f9d43cf2b25be9e476564 During use of the package, it silently downloads and executes remote executables or scripts. During analysis, the remote resources were no longer available. Th...

5.8AI score
Exploits0References1
cnnvd
cnnvd
added 2026/04/14 12:0 a.m.6 views

Microsoft .NET 代码问题漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There are code-related vulnerabilities in Microsoft .NET. Attackers can exploit...

7.5CVSS6.2AI score0.01753EPSS
Exploits0References2
Rows per page
Query Builder