Export limit exceeded: 10445 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10445 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-58342 | 1 Xenforo | 1 Xenforo | 2026-04-02 | 6.3 Medium |
| XenForo before 2.2.17 and 2.3.1 allows open redirect via a specially crafted URL. The getDynamicRedirect() function does not adequately validate the redirect target, allowing attackers to redirect users to arbitrary external sites using crafted URLs containing newlines, user credentials, or host mismatches. | ||||
| CVE-2026-20667 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-04-02 | 8.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, watchOS 26.3. An app may be able to break out of its sandbox. | ||||
| CVE-2025-46290 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. A remote attacker may be able to cause a denial-of-service. | ||||
| CVE-2025-43526 | 1 Apple | 3 Macos, Macos Tahoe, Safari | 2026-04-02 | 9.8 Critical |
| This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted. | ||||
| CVE-2025-43510 | 1 Apple | 11 Ios, Ipad Os, Ipados and 8 more | 2026-04-02 | 7.8 High |
| A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpected changes in memory shared between processes. | ||||
| CVE-2025-43413 | 1 Apple | 11 Ios, Ipad Os, Ipados and 8 more | 2026-04-02 | 7.5 High |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A sandboxed app may be able to observe system-wide network connections. | ||||
| CVE-2025-43359 | 1 Apple | 10 Ios, Ipados, Iphone Os and 7 more | 2026-04-02 | 9.8 Critical |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all interfaces. | ||||
| CVE-2025-43330 | 1 Apple | 3 Macos, Macos Sequoia, Macos Tahoe | 2026-04-02 | 8.2 High |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to break out of its sandbox. | ||||
| CVE-2025-43273 | 1 Apple | 2 Macos, Macos Sequoia | 2026-04-02 | 9.1 Critical |
| A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.8. A sandboxed process may be able to circumvent sandbox restrictions. | ||||
| CVE-2025-31224 | 1 Apple | 1 Macos | 2026-04-02 | 7.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to bypass certain Privacy preferences. | ||||
| CVE-2025-31189 | 1 Apple | 1 Macos | 2026-04-02 | 8.2 High |
| A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to break out of its sandbox. | ||||
| CVE-2025-24180 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 8.1 High |
| The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix. | ||||
| CVE-2024-44122 | 1 Apple | 1 Macos | 2026-04-02 | 8.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An application may be able to break out of its sandbox. | ||||
| CVE-2024-27872 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.6. An app may be able to access protected user data. | ||||
| CVE-2024-23285 | 1 Apple | 1 Macos | 2026-04-02 | 7.8 High |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk. | ||||
| CVE-2024-23284 | 5 Apple, Fedoraproject, Redhat and 2 more | 12 Ipados, Iphone Os, Macos and 9 more | 2026-04-02 | 6.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | ||||
| CVE-2025-43261 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-02 | 9.8 Critical |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox. | ||||
| CVE-2024-44132 | 1 Apple | 1 Macos | 2026-04-02 | 8.4 High |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. | ||||
| CVE-2026-20701 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to connect to a network share without user consent. | ||||
| CVE-2025-46281 | 1 Apple | 2 Macos, Macos Tahoe | 2026-04-02 | 8.4 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox. | ||||