The vulnerability of the xwiki-platform-oldcore module of the XWiki platform, which is used for creating collaborative web applications. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the xwiki-platform-oldcore module of the XWiki platform, which is used for creating collaborative web applications, exposes vulnerabilities related to access control for personal information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

The vulnerability of the ImageIO component in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS allows attackers to gain unauthorized access to protected information.

The vulnerability of the ImageIO component in operating systems such as macOS, iOS, iPadOS, watchOS, tvOS, and visionOS relates to reading data beyond the buffer limit of memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Find My function in macOS and iPadOS systems allows a perpetrator to disclose protected information.

The vulnerability of the Find My function in macOS and iPadOS is related to insufficient protection of service data. Exploiting this vulnerability can allow attackers to disclose sensitive information...

The vulnerability of the WeGIA web manager for charitable organizations stems from the failure to implement measures to protect the SQL query structure, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the WeGIA web manager for charitable organizations is related to the failure to implement measures to protect the SQL query structure when processing the id parameter. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...

The vulnerability of the Sandbox component in macOS operating systems allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Sandbox component in macOS operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a perpetrator to gain unauthorized access to protected information...

The vulnerability of the SmartFabric OS10 network operating system, related to the use of files and directories accessible from external parties, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SmartFabric OS10 network operating system is related to the use of files and directories accessible from external parties. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVE-2025-43245

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data...

CVE-2025-43206

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to access protected user data...

The vulnerability of the Broker VM component in the Cortex XDR security platform, related to improper protection of the alternative path, allows a perpetrator to disclose protected information.

The vulnerability of the Broker VM component in the Cortex XDR security platform is related to improper protection of the alternative path. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the sftphandle() function in the LibSSH library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the sftphandle function in the LibSSH library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the integration gateway with ESIA ESIA-Bridge, related to bypassing authentication through spoofing, allows a perpetrator to disclose protected information.

The vulnerability of the ESIA-Bridge integration gateway relates to bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by redirecting users to a specially crafted HTML page...

The vulnerability of the rgxfw_write_robustness_buffer() function in the Driver Development Kit (DDK) toolset allows a hacker to gain unauthorized access to protected information.

The vulnerability of the rgxfwwriterobustnessbuffer function in the Driver Development Kit DDK toolset is related to context privilege switching errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the seg6 component in the Linux operating system’s kernel allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the seg6 component in the Linux operating system’s kernel relates to access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the f_strflocaltime() function in the programming language JQ, which allows attackers to compromise the accessibility of protected information

The vulnerability of the fstrflocaltime function in the JavaScript programming language is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...

The vulnerability of the NetworkServlet.backupDatabase() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkServlet.backupDatabase function in the system for centrally managing network devices and ports of the Advantech iView family is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...

The vulnerability of the Mail function in the MyBB forum creation software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Mail function in the MyBB forum creation software is related to insufficient testing of requests on the server side. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Alerts & IRM platform’s notification service for monitoring and surveillance allows a perpetrator to disclose protected information.

The vulnerability of the Alerts & IRM platform’s notification service for monitoring and surveillance in Grafana relates to insufficient protection of operational data when connected to the DingDing contact point. Exploiting this vulnerability can allow a malicious actor to disclose protected...

The vulnerability of the Core server component of Oracle WebLogic Server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Core server component of Oracle WebLogic Server is related to the lack of authentication for critical functions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using protocols such as T3 and II...

The vulnerability of the Mobile Security Framework (MobSF), which arises from insecure management of privileges, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Mobile Security Framework for mobile application security research lies in the insecure management of privileges. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...