Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45234 | 1 Nicmx | 1 Fort-validator | 2025-03-25 | N/A | 7.5 HIGH |
| An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics when faced with data not encoded in DER. Because Fort is an RPKI Relying Party, a panic can lead to Route Origin Validation unavailability, which can lead to compromised routing. | |||||
| CVE-2021-37491 | 1 Dogecoin | 1 Dogecoin | 2025-03-25 | N/A | 7.5 HIGH |
| An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function. | |||||
| CVE-2024-23266 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system. | |||||
| CVE-2021-37492 | 1 Ravencoin | 1 Ravencoin | 2025-03-25 | N/A | 7.5 HIGH |
| An issue discovered in src/wallet/wallet.cpp in Ravencoin Core 4.3.2.1 and earlier allows attackers to view sensitive information via CWallet::CreateTransactionAll() function. | |||||
| CVE-2024-36745 | 1 Oneflow | 1 Oneflow | 2025-03-25 | N/A | 7.5 HIGH |
| An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter. | |||||
| CVE-2023-41956 | 1 Simple-membership-plugin | 1 Simple Membership | 2025-03-25 | N/A | 8.8 HIGH |
| Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4. | |||||
| CVE-2023-41957 | 1 Simple-membership-plugin | 1 Simple Membership | 2025-03-25 | N/A | 9.8 CRITICAL |
| Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through 4.3.4. | |||||
| CVE-2025-2218 | 1 Lovecards | 1 Lovecards | 2025-03-25 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This vulnerability affects unknown code of the file /api/system/other of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-44133 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15. On MDM managed devices, an app may be able to bypass certain Privacy preferences. | |||||
| CVE-2024-40848 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 7.5 HIGH |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An attacker may be able to read sensitive information. | |||||
| CVE-2024-40856 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-25 | N/A | 7.5 HIGH |
| An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, tvOS 18, macOS Sequoia 15. An attacker may be able to force a device to disconnect from a secure network. | |||||
| CVE-2024-8906 | 1 Google | 1 Chrome | 2025-03-25 | N/A | 4.3 MEDIUM |
| Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-40837 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | |||||
| CVE-2024-46935 | 1 Rocket.chat | 1 Rocket.chat | 2025-03-25 | N/A | 7.5 HIGH |
| Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser. | |||||
| CVE-2024-40830 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-25 | N/A | 3.3 LOW |
| This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps. | |||||
| CVE-2024-40866 | 1 Apple | 2 Macos, Safari | 2025-03-25 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing. | |||||
| CVE-2024-7975 | 1 Google | 1 Chrome | 2025-03-25 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-44204 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-25 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver. | |||||
| CVE-2024-44207 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-25 | N/A | 4.3 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated. | |||||
| CVE-2024-44229 | 1 Apple | 3 Ipados, Iphone Os, Visionos | 2025-03-25 | N/A | 5.3 MEDIUM |
| An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. Private browsing may leak some browsing history. | |||||