Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-9958 | 1 Google | 1 Chrome | 2025-03-25 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-44170 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-25 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, macOS Sequoia 15. An app may be able to access user-sensitive data. | |||||
| CVE-2024-40840 | 1 Apple | 2 Ipados, Iphone Os | 2025-03-25 | N/A | 4.6 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data. | |||||
| CVE-2024-9963 | 1 Google | 1 Chrome | 2025-03-25 | N/A | 4.3 MEDIUM |
| Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-40860 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | |||||
| CVE-2024-9964 | 1 Google | 1 Chrome | 2025-03-25 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) | |||||
| CVE-2024-42978 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-25 | N/A | 9.8 CRITICAL |
| An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request. | |||||
| CVE-2024-40847 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 5.5 MEDIUM |
| The issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access sensitive user data. | |||||
| CVE-2024-40826 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-25 | N/A | 6.1 MEDIUM |
| A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using print preview. | |||||
| CVE-2024-44130 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 4.4 MEDIUM |
| This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information. | |||||
| CVE-2024-40827 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to overwrite arbitrary files. | |||||
| CVE-2024-6608 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-03-25 | N/A | 4.3 MEDIUM |
| It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128. | |||||
| CVE-2024-9962 | 1 Google | 1 Chrome | 2025-03-25 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-44164 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-25 | N/A | 7.1 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to bypass Privacy preferences. | |||||
| CVE-2024-9966 | 1 Google | 1 Chrome | 2025-03-25 | N/A | 5.3 MEDIUM |
| Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2024-44171 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2025-03-25 | N/A | 4.6 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features. | |||||
| CVE-2024-44165 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-25 | N/A | 7.5 HIGH |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Network traffic may leak outside a VPN tunnel. | |||||
| CVE-2024-44153 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data. | |||||
| CVE-2024-44146 | 1 Apple | 1 Macos | 2025-03-25 | N/A | 10.0 CRITICAL |
| A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. | |||||
| CVE-2024-6148 | 1 Citrix | 1 Workspace | 2025-03-25 | N/A | 8.8 HIGH |
| Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 | |||||