Total
286780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44133 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15. On MDM managed devices, an app may be able to bypass certain Privacy preferences. | ||||
| CVE-2024-44131 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-25 | 5.5 Medium |
| This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data. | ||||
| CVE-2024-44130 | 1 Apple | 1 Macos | 2025-03-25 | 4.4 Medium |
| This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information. | ||||
| CVE-2024-44125 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to leak sensitive user information. | ||||
| CVE-2024-43045 | 1 Jenkins | 1 Jenkins | 2025-03-25 | 6.3 Medium |
| Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views". | ||||
| CVE-2024-43025 | 1 Rws | 1 Multitrans | 2025-03-25 | 6.1 Medium |
| An HTML injection vulnerability in RWS MultiTrans v7.0.23324.2 and earlier allows attackers to alter the HTML-layout and possibly execute a phishing attack via a crafted payload injected into a sent e-mail. | ||||
| CVE-2024-43024 | 1 Rws | 1 Multitrans | 2025-03-25 | 6.1 Medium |
| Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and earlier allow attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2024-42978 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-25 | 9.8 Critical |
| An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request. | ||||
| CVE-2024-42680 | 1 Cysoft168 | 1 Super Easy Enterprise Management System | 2025-03-25 | 5.5 Medium |
| An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark. | ||||
| CVE-2024-41482 | 1 Typora | 1 Typora | 2025-03-25 | 6.1 Medium |
| Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component. | ||||
| CVE-2024-41445 | 1 Ihedvall | 1 Mdf Library | 2025-03-25 | 6.5 Medium |
| Library MDF (mdflib) v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function | ||||
| CVE-2024-40866 | 2 Apple, Redhat | 3 Macos, Safari, Enterprise Linux | 2025-03-25 | 6.5 Medium |
| The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing. | ||||
| CVE-2024-40860 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | ||||
| CVE-2024-40859 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. | ||||
| CVE-2024-40856 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-25 | 7.5 High |
| An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, tvOS 18, macOS Sequoia 15. An attacker may be able to force a device to disconnect from a secure network. | ||||
| CVE-2024-40848 | 1 Apple | 1 Macos | 2025-03-25 | 7.5 High |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An attacker may be able to read sensitive information. | ||||
| CVE-2024-40847 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| The issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access sensitive user data. | ||||
| CVE-2024-40844 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-25 | 5.5 Medium |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to observe data displayed to the user by Shortcuts. | ||||
| CVE-2024-40840 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-25 | 4.6 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data. | ||||
| CVE-2024-40837 | 1 Apple | 1 Macos | 2025-03-25 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | ||||