450 matches found
CVE-2026-8450
creationtimestamp| type| source ---|---|--- 2026-05-27 05:17:43+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mmsqxmuwt222 2026-05-27 06:00:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116645011565190190 2026-05-27 06:00:29+00:00| seen|...
EUVD-2026-29300
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to disclose kernel memory...
CVE-2026-28996
A race condition was addressed with additional validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to access sensitive user data...
CVE-2026-4149
creationtimestamp| type| source ---|---|--- 2026-04-11 01:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116383483774809251 2026-04-11 01:30:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mj6osz6g672t 2026-04-11 03:06:41+00:00| seen|...
CVE-2026-5994
creationtimestamp| type| source ---|---|--- 2026-04-10 02:50:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj4ct7u4dc2o 2026-04-10 03:17:30+00:00| published-proof-of-concept| Telegram/Fvik4eX2xz-nzJuB7IaHT1kkv6IwgWipFYk1oHJ2HiAA0EI 2026-04-10 05:01:00+00:00| seen|...
CVE-2026-5995
creationtimestamp| type| source ---|---|--- 2026-04-10 01:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116377821414965974 2026-04-10 01:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mj46e3334v2r 2026-04-10 02:55:37+00:00| seen|...
CVE-2026-28876
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to access sensitive user da...
CVE-2026-30792
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Strategy sync, HTTP API client, config options engine modules allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files...
CVE-2026-30795 RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake Failure
Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Heartbeat sync loop modules allows Sniffing Attacks. This vulnerability is associated with program files src/hbbshttp/sync.Rs and program routine...
CVE-2026-30791 RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...
IBM Db2 Denial of Service Vulnerability (CNVD-2026-14675)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...
CVE-2019-2320
Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053...
CVE-2020-7224
The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows is vulnerable when OpenSSL parameters are altered from the issued value set; the parameters could allow unauthorized third-party libraries to load...
KDE Connect 安全漏洞
KDE Connect is a software from the KDE community that connects cell phones and computers. A security vulnerability exists in versions of KDE Connect prior to 2025-11-28 that stems from an unassociated device ID and could affect KDE Connect clients on multiple platforms...
CVE-2025-11934
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...
UBUNTU-CVE-2025-11934
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...
WordPress WP Content Pilot plugin missing license vulnerability
WordPress WP Content Pilot plugin is an automated content capture plugin designed for WordPress that supports grabbing content from multiple platforms e.g. Amazon, Pinterest, Instagram, etc. and posting it to the site automatically. A lack of authorization vulnerability exists in the WordPress WP...
CVE-2025-43433
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption...
CVE-2025-62725 Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations
Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...
EUVD-2015-7538
Malware in sbrugna...