Total
8803 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-48797 | 2025-03-25 | N/A | 7.5 HIGH | ||
| An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker to obtain sensitive information via the firmware update process. | |||||
| CVE-2021-39019 | 3 Ibm, Linux, Microsoft | 4 Engineering Lifecycle Optimization - Publishing, Engineering Lifecycle Optimization Publishing, Linux Kernel and 1 more | 2025-03-25 | N/A | 6.5 MEDIUM |
| IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose highly sensitive information through an HTTP GET request to an authenticated user. IBM X-Force ID: 213728. | |||||
| CVE-2024-49733 | 2025-03-25 | N/A | 5.5 MEDIUM | ||
| In reload of ServiceListing.java , there is a possible way to allow a malicious app to hide an NLS from Settings due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-48310 | 2025-03-25 | N/A | 7.5 HIGH | ||
| AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the source code. Attackers may use these keys to access the backend API or other sensitive information. | |||||
| CVE-2023-23592 | 1 Wallix | 1 Bastion Access Manager | 2025-03-24 | N/A | 7.5 HIGH |
| WALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive information. | |||||
| CVE-2024-54547 | 2025-03-24 | N/A | 5.5 MEDIUM | ||
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to access protected user data. | |||||
| CVE-2024-48798 | 2025-03-24 | N/A | 7.5 HIGH | ||
| An issue in Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 allows a remote attacker to obtain sensitive information via the firmware update process. | |||||
| CVE-2024-40823 | 1 Apple | 1 Macos | 2025-03-24 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to access user-sensitive data. | |||||
| CVE-2024-31817 | 1 Totolink | 2 Ex200, Ex200 Firmware | 2025-03-24 | N/A | 7.5 HIGH |
| In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getSysStatusCfg. | |||||
| CVE-2025-24138 | 1 Apple | 1 Macos | 2025-03-24 | N/A | 5.5 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious application may be able to leak sensitive user information. | |||||
| CVE-2025-0525 | 2025-03-24 | N/A | N/A | ||
| In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could provide an adversary with information that may aid in further attacks against the server. | |||||
| CVE-2024-49734 | 2025-03-24 | N/A | 7.5 HIGH | ||
| In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to determine what site a device has connected to through a VPN due to side channel information disclosure. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-48799 | 2025-03-24 | N/A | 7.5 HIGH | ||
| An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to obtain sensitive information via the firmware update process. | |||||
| CVE-2024-40838 | 1 Apple | 1 Macos | 2025-03-24 | N/A | 3.3 LOW |
| A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15. A malicious app may be able to access notifications from the user's device. | |||||
| CVE-2024-40775 | 1 Apple | 1 Macos | 2025-03-24 | N/A | 5.5 MEDIUM |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information. | |||||
| CVE-2022-46650 | 1 Sierrawireless | 9 Aleos, Es450, Gx450 and 6 more | 2025-03-24 | N/A | 4.9 MEDIUM |
| Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page. | |||||
| CVE-2024-30469 | 1 Wpexperts | 1 Wholesale For Woocommerce | 2025-03-24 | N/A | 5.3 MEDIUM |
| Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from n/a through 2.3.0. | |||||
| CVE-2024-27356 | 2025-03-24 | N/A | 7.5 HIGH | ||
| An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203. | |||||
| CVE-2022-48610 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-24 | N/A | 5.5 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2. An app may be able to access user-sensitive data. | |||||
| CVE-2025-24146 | 1 Apple | 1 Macos | 2025-03-24 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Deleting a conversation in Messages may expose user contact information in system logging. | |||||