Total
286780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2655 | 2025-03-24 | 7.3 High | ||
| A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. This vulnerability affects the function save_users of the file /classes/Users.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2025-30556 | 2025-03-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in flyaga Fix Rss Feeds allows Cross Site Request Forgery. This issue affects Fix Rss Feeds: from n/a through 3.1. | ||||
| CVE-2025-30557 | 2025-03-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in odihost Easy 301 Redirects allows Cross Site Request Forgery. This issue affects Easy 301 Redirects: from n/a through 1.33. | ||||
| CVE-2025-30558 | 2025-03-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render allows Stored XSS. This issue affects ANAC XML Render: from n/a through 1.5.7. | ||||
| CVE-2025-30560 | 2025-03-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah jQuery Dropdown Menu allows Stored XSS. This issue affects jQuery Dropdown Menu: from n/a through 3.0. | ||||
| CVE-2025-30561 | 2025-03-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Henrique Mouta CAS Maestro allows Stored XSS. This issue affects CAS Maestro: from n/a through 1.1.3. | ||||
| CVE-2025-24121 | 1 Apple | 1 Macos | 2025-03-24 | 3.3 Low |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system. | ||||
| CVE-2025-24137 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-03-24 | 8 High |
| A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution. | ||||
| CVE-2024-44026 | 1 Nicheaddons | 1 Charity Addon For Elementor | 2025-03-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Charity Addon for Elementor allows Stored XSS.This issue affects Charity Addon for Elementor: from n/a through 1.3.0. | ||||
| CVE-2025-24146 | 1 Apple | 1 Macos | 2025-03-24 | 9.8 Critical |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Deleting a conversation in Messages may expose user contact information in system logging. | ||||
| CVE-2025-24160 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-03-24 | 4.3 Medium |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | ||||
| CVE-2025-24176 | 1 Apple | 1 Macos | 2025-03-24 | 7.1 High |
| A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges. | ||||
| CVE-2025-24099 | 1 Apple | 1 Macos | 2025-03-24 | 5.1 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges. | ||||
| CVE-2025-30564 | 2025-03-24 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wpwox Custom Script Integration allows Stored XSS. This issue affects Custom Script Integration: from n/a through 2.1. | ||||
| CVE-2024-44179 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-24 | 2.4 Low |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a device may be able to read contact numbers from the lock screen. | ||||
| CVE-2024-54539 | 1 Apple | 1 Macos | 2025-03-24 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to capture keyboard events from the lock screen. | ||||
| CVE-2024-54542 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-24 | 9.1 Critical |
| An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2. Private Browsing tabs may be accessed without authentication. | ||||
| CVE-2025-24092 | 1 Apple | 1 Macos | 2025-03-24 | 5.5 Medium |
| This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information. | ||||
| CVE-2025-24093 | 1 Apple | 1 Macos | 2025-03-24 | 9.8 Critical |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3. An app may be able to access removable volumes without user consent. | ||||
| CVE-2025-24101 | 1 Apple | 1 Macos | 2025-03-24 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data. | ||||