Total
286780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-46935 | 1 Rocket.chat | 1 Rocket.chat | 2025-03-25 | 7.5 High |
| Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser. | ||||
| CVE-2024-46934 | 1 Rocket.chat | 1 Rocket.chat | 2025-03-25 | 6.1 Medium |
| Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based Cross-site Scripting (XSS). Attackers may be able to abuse the UpdateOTRAck method to forge a message that contains an XSS payload. | ||||
| CVE-2024-46372 | 1 Dedecms | 1 Dedecms | 2025-03-25 | 6.1 Medium |
| DedeCMS 5.7.115 is vulnerable to Cross Site Scripting (XSS) via the advertisement code box in the advertisement management module. | ||||
| CVE-2024-45987 | 1 Online Voting System Project | 1 Online Voting System | 2025-03-25 | 6.5 Medium |
| Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent or knowledge. The attack leverages the user's active session to perform the unauthorized action, compromising the integrity of the voting process. | ||||
| CVE-2024-45836 | 1 Planex | 10 Cs-qr10, Cs-qr10 Firmware, Cs-qr20 and 7 more | 2025-03-25 | 6.1 Medium |
| Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the web browser of the user. | ||||
| CVE-2024-44776 | 1 Vtiger | 1 Vtiger Crm | 2025-03-25 | 6.1 Medium |
| An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. | ||||
| CVE-2024-44229 | 1 Apple | 6 Ios, Ipados, Iphone Os and 3 more | 2025-03-25 | 5.3 Medium |
| An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. Private browsing may leak some browsing history. | ||||
| CVE-2024-44207 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-25 | 4.3 Medium |
| This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated. | ||||
| CVE-2024-44204 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-25 | 5.5 Medium |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver. | ||||
| CVE-2024-44198 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-03-25 | 5.5 Medium |
| An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-44191 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2025-03-25 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app may gain unauthorized access to Bluetooth. | ||||
| CVE-2024-44171 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2025-03-25 | 4.6 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features. | ||||
| CVE-2024-44170 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-25 | 5.5 Medium |
| A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, macOS Sequoia 15. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44166 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44165 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-25 | 7.5 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Network traffic may leak outside a VPN tunnel. | ||||
| CVE-2024-44164 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-25 | 7.1 High |
| This issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to bypass Privacy preferences. | ||||
| CVE-2024-44161 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination. | ||||
| CVE-2024-44153 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44149 | 1 Apple | 1 Macos | 2025-03-25 | 7.5 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | ||||
| CVE-2024-44146 | 1 Apple | 1 Macos | 2025-03-25 | 10.0 Critical |
| A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. | ||||