Total
369 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27789 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-04-02 | 5.3 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Sonoma 14.4, macOS Ventura 13.6.7. An app may be able to access user-sensitive data. | ||||
| CVE-2024-23290 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 5.3 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to access user-sensitive data. | ||||
| CVE-2024-23241 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2026-04-02 | 6.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4. An app may be able to leak sensitive user information. | ||||
| CVE-2024-23232 | 1 Apple | 1 Macos | 2026-04-02 | 3.3 Low |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4. An app may be able to capture a user's screen. | ||||
| CVE-2024-23229 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.5, macOS Sonoma 14.4, macOS Ventura 13.6.5. A malicious application may be able to access Find My data. | ||||
| CVE-2024-23217 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-02 | 3.3 Low |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. An app may be able to bypass certain Privacy preferences. | ||||
| CVE-2024-23205 | 1 Apple | 3 Ipad Os, Iphone Os, Macos | 2026-04-02 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to access sensitive user data. | ||||
| CVE-2024-44298 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access information about a user's contacts. | ||||
| CVE-2024-44175 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data. | ||||
| CVE-2024-44174 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An attacker may be able to view restricted content from the lock screen. | ||||
| CVE-2024-54549 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. | ||||
| CVE-2025-24101 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data. | ||||
| CVE-2024-54504 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-44292 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data. | ||||
| CVE-2024-44263 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 4 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to access user-sensitive data. | ||||
| CVE-2024-31278 | 1 Leap13 | 1 Premium Addons For Elementor | 2026-04-01 | 6.5 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.22. | ||||
| CVE-2026-33407 | 2 Ellite, Wallosapp | 2 Wallos, Wallos | 2026-03-27 | 9.1 Critical |
| Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, Wallos endpoints/logos/search.php accepts HTTP_PROXY and HTTPS_PROXY environment variables without validation, enabling SSRF via proxy hijacking. The server performs DNS resolution on user-supplied search terms, which can be controlled by attackers to trigger outbound requests to arbitrary domains. This issue has been patched in version 4.7.0. | ||||
| CVE-2025-10734 | 2 Reviewx, Wordpress | 2 Reviewx – Multi-criteria Reviews For Woocommerce With Google Reviews & Schema, Wordpress | 2026-03-25 | 5.3 Medium |
| The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated attackers to extract sensitive data including user names, emails, phone numbers, addresses. | ||||
| CVE-2020-1493 | 1 Microsoft | 3 365 Apps, Office, Outlook | 2026-02-23 | 5.5 Medium |
| An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users. To exploit this vulnerability, an attacker would have to attach a file as a link to an email. The email could then be shared with individuals that should not have access to the files, ignoring the default organizational setting. The security update addresses the vulnerability by correcting how Outlook handles file attachment links. | ||||
| CVE-2025-21299 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-02-13 | 7.1 High |
| Windows Kerberos Security Feature Bypass Vulnerability | ||||