Lucene search
K

2896 matches found

CVE
CVE
added 2026/07/07 5:11 a.m.14 views

CVE-2026-57867

CVE-2026-57867 affects MicroRealEstate before or up to 1.0.0-alpha3, due to a lack of token state management that enables adversaries to bypass authentication and brute‑force One‑Time Passwords (OTP) to log in as any user. The root cause is insufficient token state handling, leading to an auth by...

8.8CVSS6AI score0.00342EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/07 5:11 a.m.33 views

CVE-2026-57867

MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords OTP to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3...

8.8CVSS0.00342EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 8:17 p.m.9 views

CVE-2026-43721

This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data...

6.5CVSS0.00245EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/29 7:43 p.m.24 views

CVE-2026-43721

This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data...

0.00245EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/29 7:43 p.m.7 views

CVE-2026-43721

This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data...

5.7AI score0.00245EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.20 views

PT-2026-53717

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A malicious website may be able to silently hijack clipboard data. This issue was addressed through...

6.5CVSS5.9AI score0.00245EPSS
Exploits0References8
NVD
NVD
added 2026/06/11 7:16 p.m.10 views

CVE-2025-46308

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information...

5.3CVSS0.0023EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.9 views

CVE-2025-46308

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information...

5.4AI score0.0023EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 6:47 p.m.9 views

EUVD-2025-210110

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information...

5.3CVSS5.4AI score0.0023EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 6:47 p.m.16 views

CVE-2025-46308

CVE-2025-46308: An authorization issue related to state management could allow an app to leak sensitive user information. Affected: iOS prior to 18.4, iPadOS prior to 18.4, and macOS Sequoia prior to 15.4. Fixed in iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4. Mitigation: update to the fixed ver...

5.3CVSS5.5AI score0.0023EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2026/06/11 6:47 p.m.33 views

CVE-2025-46308

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information...

0.0023EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 12:32 a.m.10 views

EUVD-2022-56001

A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4...

7.1CVSS5.5AI score0.00099EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 10:16 p.m.10 views

CVE-2022-26758

A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4...

7.1CVSS0.00099EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.9 views

CVE-2025-46311

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data...

7.5CVSS5.4AI score0.00231EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.10 views

CVE-2026-28964

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to access sensitive user data...

7.5CVSS5.4AI score0.00325EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/01 2:1 a.m.17 views

webkitgtk: A maliciously crafted webpage may be able to fingerprint the user

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/01 2:1 a.m.20 views

webkitgtk: A website may be able to track users through Safari web extensions

A flaw was found in WebKitGTK. A malicious website can track users through web extensions due to improper state management...

5.3CVSS5.7AI score0.00222EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/01 2:1 a.m.21 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management...

8.8CVSS5.7AI score0.00229EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/01 2:1 a.m.25 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper state management...

6.5CVSS5.7AI score0.0061EPSS
Exploits0References5
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46116

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

7.8CVSS0.00125EPSS
Exploits1References11
Rows per page
Query Builder