Lucene search
K

12347 matches found

Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.8 views

CVE-2025-46293

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

5.4AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 6:47 p.m.15 views

CVE-2025-46315

CVE-2025-46315 describes a permissions issue in macOS Tahoe prior to update. An application may be able to access protected user data due to insufficient restrictions. Affected software is macOS Tahoe; the fix is implemented in macOS Tahoe 26.1. Practical impact is high (C:H/I:N/A:N per CVSS 3.1 ...

7.5CVSS5.4AI score0.0027EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/11 6:47 p.m.26 views

CVE-2025-46315

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data...

0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 6:47 p.m.10 views

EUVD-2025-210118

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

5.5CVSS5.4AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 6:47 p.m.28 views

CVE-2025-43278

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

0.00151EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 6:47 p.m.8 views

EUVD-2025-210111

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

5.4AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.9 views

CVE-2025-43278

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

5.2AI score0.00151EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 6:47 p.m.12 views

CVE-2025-43278

CVE-2025-43278 affects macOS Sequoia prior to 15.4; the issue arises from improper handling of symlinks and is addressed in macOS Sequoia 15.4. The description notes that an app may be able to access protected user data due to this flaw. According to the connected sources, the vulnerability is mi...

5.5CVSS5.4AI score0.00151EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/06/11 1:28 p.m.5 views

Insufficiently Protected Credentials

Overview meta-ads-mcp is a Model Context Protocol MCP server for Meta Ads - Use Remote MCP at pipeboard.co for easiest setup Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the AuthInjectionMiddleware.dispatch process. An attacker can gain unauthorized...

9.3CVSS5.8AI score0.0013EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/11 1:26 p.m.15 views

Traefik has a StripPrefix Route-Level Auth Bypass via Path Normalization

Summary There is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and authorization. When a public router matches on a PathPrefix rule and applies the StripPrefix middleware, a request path containing...

10CVSS5.6AI score0.00591EPSS
Exploits2References5Affected Software2
GithubExploit
GithubExploit
added 2026/06/11 10:42 a.m.93 views

Exploit for CVE-2026-7665

CVE-2026-7665 — Unauthenticated Information Disclosure in Esse...

5.3CVSS5.5AI score0.0515EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.10 views

PT-2026-48684

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.48 Traefik versions prior to 3.6.19 Traefik versions prior to 3.7.3 Description An unauthenticated attacker can bypass route-level authentication and authorization in Traefik when PathPrefix-based public routes a...

7.8CVSS5.3AI score0.00591EPSS
Exploits2References13
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.11 views

Apple macOS 访问控制错误漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.1 and earlier contained an access control vulnerability caused by permission issues, which could allow applications to access protected user data...

7.5CVSS6.5AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.13 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.4 had a security vulnerability due to improper handling of symbolic links, which could allow applications to access protected user data...

5.5CVSS5.3AI score0.00151EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.7 views

Spring Boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path

A flaw was found in Spring Boot. This vulnerability, an authentication bypass, occurs when an application endpoint requiring authentication is declared under a specific path already configured for a Health Group additional path. A remote attacker could exploit this to bypass authentication,...

8.2CVSS7.4AI score0.00334EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/10 12:33 a.m.11 views

EUVD-2026-35916

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48559

An improper validation of credentials vulnerability in the CommvaultSecurityIQ integration for Cortex XSOAR and Cortex XSIAM allows an unauthenticated attacker to access and modify protected resources...

9.3CVSS5.5AI score0.00315EPSS
Exploits0References3
Redos
Redos
added 2026/06/10 12:0 a.m.10 views

ROS-20260610-73-0036

The vulnerability of the SDL3 RDP client for FreeRDP is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...

8.2CVSS6.2AI score0.00247EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.7 views

PT-2026-52482

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Insufficiently protected credentials stored within firmware or system files may allow an unauthenticated attacker to gain unauthorized access and expose sensitiv...

8.7CVSS7AI score0.00247EPSS
Exploits0References6
Redos
Redos
added 2026/06/09 12:0 a.m.8 views

ROS-20260609-73-0001

The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...

6.5CVSS5.5AI score0.04938EPSS
Exploits1
Rows per page
Query Builder