Export limit exceeded: 11192 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11192 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-40852 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-04-02 | 7.5 High |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access. | ||||
| CVE-2024-44305 | 1 Apple | 1 Macos | 2026-04-02 | 7.8 High |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. An app may be able to gain root privileges. | ||||
| CVE-2024-44217 | 1 Apple | 3 Ipad Os, Ipados, Iphone Os | 2026-04-02 | 9.1 Critical |
| A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication. | ||||
| CVE-2024-54495 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. An app may be able to modify protected parts of the file system. | ||||
| CVE-2025-24141 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 3.3 Low |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked. | ||||
| CVE-2024-40839 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 2.4 Low |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen. | ||||
| CVE-2024-44162 | 1 Apple | 1 Xcode | 2026-04-02 | 7.8 High |
| This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious application may gain access to a user's Keychain items. | ||||
| CVE-2024-40770 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings. | ||||
| CVE-2024-40843 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to modify protected parts of the file system. | ||||
| CVE-2024-44136 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 9.1 Critical |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection. | ||||
| CVE-2024-44208 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15. An app may be able to bypass certain Privacy preferences. | ||||
| CVE-2025-43307 | 1 Apple | 1 Macos | 2026-04-02 | 4 Medium |
| This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. | ||||
| CVE-2026-33576 | 1 Openclaw | 1 Openclaw | 2026-04-02 | 6.5 Medium |
| OpenClaw before 2026.3.28 downloads and stores inbound media from Zalo channels before validating sender authorization. Unauthorized senders can force network fetches and disk writes to the media store by sending messages that are subsequently rejected. | ||||
| CVE-2026-33578 | 1 Openclaw | 1 Openclaw | 2026-04-02 | 4.3 Medium |
| OpenClaw before 2026.3.28 contains a sender policy bypass vulnerability in the Google Chat and Zalouser extensions where route-level group allowlist policies silently downgrade to open policy. Attackers can exploit this policy resolution flaw to bypass sender restrictions and interact with bots despite configured allowlist restrictions. | ||||
| CVE-2026-33577 | 1 Openclaw | 1 Openclaw | 2026-04-02 | 8.1 High |
| OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend privileges onto paired nodes beyond their authorization level. | ||||
| CVE-2026-3210 | 2 Drupal, Imagexmedia | 2 Material Icons, Material Icons | 2026-04-02 | 5.3 Medium |
| Incorrect Authorization vulnerability in Drupal Material Icons allows Forceful Browsing.This issue affects Material Icons: from 0.0.0 before 2.0.4. | ||||
| CVE-2026-3525 | 2 Drupal, Geeks4change | 2 File Access Fix (deprecated), File Access Fix | 2026-04-02 | 5.3 Medium |
| Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) allows Forceful Browsing.This issue affects File Access Fix (deprecated): from 0.0.0 before 1.2.0. | ||||
| CVE-2026-3526 | 2 Drupal, Geeks4change | 2 File Access Fix (deprecated), File Access Fix | 2026-04-02 | 5.3 Medium |
| Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) allows Forceful Browsing.This issue affects File Access Fix (deprecated): from 0.0.0 before 1.2.0. | ||||
| CVE-2026-3573 | 2 Artificial Intelligence Project, Drupal | 2 Artificial Intelligence, Artificial Intelligence | 2026-04-02 | 7.5 High |
| Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Resource Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.1.11, from 1.2.0 before 1.2.12. | ||||
| CVE-2026-4933 | 2 Drupal, Jeroenb | 2 Unpublished Node Permissions, Unpublished Node Permissions | 2026-04-02 | 7.5 High |
| Incorrect Authorization vulnerability in Drupal Unpublished Node Permissions allows Forceful Browsing.This issue affects Unpublished Node Permissions: from 0.0.0 before 1.7.0. | ||||