Total
8212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24263 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 9.8 CRITICAL |
| A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be able to observe unprotected user data. | |||||
| CVE-2025-24282 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 5.5 MEDIUM |
| A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system. | |||||
| CVE-2025-24281 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data. | |||||
| CVE-2025-24226 | 1 Apple | 1 Xcode | 2025-04-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in Xcode 16.3. A malicious app may be able to access private information. | |||||
| CVE-2025-24204 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data. | |||||
| CVE-2024-54550 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-04 | N/A | 4.0 MEDIUM |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs. | |||||
| CVE-2025-24102 | 1 Apple | 2 Ipados, Macos | 2025-04-04 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to determine a user’s current location. | |||||
| CVE-2024-40864 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 2.7 LOW |
| The issue was addressed with improved handling of protocols. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An attacker in a privileged network position can track a user's activity. | |||||
| CVE-2025-24164 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system. | |||||
| CVE-2022-45925 | 1 Opentext | 1 Opentext Extended Ecm | 2025-04-04 | N/A | 7.5 HIGH |
| An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The action xmlexport accepts the parameter requestContext. If this parameter is present, the response includes most of the HTTP headers sent to the server and some of the CGI variables like remote_adde and server_name, which is an information disclosure. | |||||
| CVE-2022-2907 | 1 Gitlab | 1 Gitlab | 2025-04-04 | N/A | 5.7 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It was possible to read repository content by an unauthorised user if a project member used a crafted link. | |||||
| CVE-2025-31183 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-04-04 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data. | |||||
| CVE-2024-54547 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to access protected user data. | |||||
| CVE-2025-30463 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data. | |||||
| CVE-2025-24239 | 1 Apple | 1 Macos | 2025-04-04 | N/A | 6.5 MEDIUM |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data. | |||||
| CVE-2024-30569 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | N/A | 7.5 HIGH |
| An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | |||||
| CVE-2024-30570 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | N/A | 5.3 MEDIUM |
| An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | |||||
| CVE-2024-30571 | 1 Netgear | 2 R6850, R6850 Firmware | 2025-04-04 | N/A | 7.5 HIGH |
| An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | |||||
| CVE-2024-6612 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-04 | N/A | 5.3 MEDIUM |
| CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128. | |||||
| CVE-2024-43283 | 1 Contest-gallery | 1 Contest Gallery | 2025-04-04 | N/A | 5.3 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 23.1.2. | |||||