Search Results (362 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-0914 2026-04-15 3.8 Low
An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4 allowed authenticated users to execute the execve() plugin in deployments where this was explicitly forbidden by configuring the prevent_execve flag in the configuration file. This setting is not usually recommended and is uncommonly used, so this issue will only affect users who do set it. This issue is fixed in release 0.73.4.
CVE-2024-37649 2026-04-15 4.6 Medium
Insecure Permissions vulnerability in SecureSTATION v.2.5.5.3116-S50-SMA-B20160811A and before allows a physically proximate attacker to obtain sensitive information via the modification of user credentials.
CVE-2024-29080 2026-04-15 6.5 Medium
Potential vulnerabilities have been identified in the HP Display Control software component within the HP Application Enabling Software Driver which might allow escalation of privilege.
CVE-2024-43784 2026-04-15 5.7 Medium
lakeFS is an open-source tool that transforms object storage into a Git-like repository. Existing lakeFS users who have issued credentials to users who have been deleted are affected by this vulnerability. When creating a new user with the same username as a deleted user, that user will inherit all of the previous user's credentials. This issue has been addressed in release version 1.33.0 and all users are advised to upgrade. The only known workaround for those who cannot upgrade is to not reuse usernames.
CVE-2024-46941 2026-04-15 N/A
SystemUI has an incorrect component protection setting, which allows access to specific information.
CVE-2026-35385 1 Openbsd 1 Openssh 2026-04-03 7.5 High
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).
CVE-2025-30449 1 Apple 1 Macos 2026-04-02 7.8 High
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
CVE-2024-54557 1 Apple 1 Macos 2026-04-02 7.5 High
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the file system.
CVE-2024-54516 1 Apple 1 Macos 2026-04-02 3.3 Low
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. An app may be able to approve a launch daemon without user consent.
CVE-2024-54513 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-04-02 5.7 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. An app may be able to access sensitive user data.
CVE-2024-44193 1 Apple 1 Itunes 2026-04-02 8.4 High
A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.
CVE-2024-40828 1 Apple 1 Macos 2026-04-02 8.4 High
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A malicious app may be able to gain root privileges.
CVE-2024-40824 1 Apple 6 Ipad Os, Ipados, Iphone Os and 3 more 2026-04-02 7.7 High
This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.
CVE-2024-40821 1 Apple 1 Macos 2026-04-02 8.4 High
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Third party app extensions may not receive the correct sandbox restrictions.
CVE-2024-40811 1 Apple 1 Macos 2026-04-02 8.4 High
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app may be able to modify protected parts of the file system.
CVE-2024-40805 1 Apple 7 Ios, Ipad Os, Ipados and 4 more 2026-04-02 7.7 High
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.
CVE-2024-40800 1 Apple 1 Macos 2026-04-02 8.4 High
An input validation issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system.
CVE-2024-27888 1 Apple 1 Macos 2026-04-02 7.1 High
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system.
CVE-2024-44149 1 Apple 1 Macos 2026-04-02 7.5 High
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
CVE-2024-54515 1 Apple 1 Macos 2026-04-02 7.8 High
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2. A malicious app may be able to gain root privileges.