Export limit exceeded: 336280 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336280 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-28844 | 1 Apple | 1 Macos | 2026-03-25 | 6.5 Medium |
| A file access issue was addressed with improved input validation. This issue is fixed in macOS Tahoe 26.4. An attacker may gain access to protected parts of the file system. | ||||
| CVE-2026-28845 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access protected user data. | ||||
| CVE-2026-28855 | 1 Apple | 2 Ios And Ipados, Macos | 2026-03-25 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3. An app may be able to access protected user data. | ||||
| CVE-2026-28857 | 1 Apple | 4 Ios And Ipados, Macos, Safari and 1 more | 2026-03-25 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28862 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data. | ||||
| CVE-2026-28863 | 1 Apple | 4 Ios And Ipados, Tvos, Visionos and 1 more | 2026-03-25 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to fingerprint the user. | ||||
| CVE-2026-28864 | 1 Apple | 4 Ios And Ipados, Macos, Visionos and 1 more | 2026-03-25 | 3.3 Low |
| This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items. | ||||
| CVE-2026-28865 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-03-25 | N/A |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker in a privileged network position may be able to intercept network traffic. | ||||
| CVE-2026-28866 | 1 Apple | 2 Ios And Ipados, Macos | 2026-03-25 | N/A |
| This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data. | ||||
| CVE-2026-28867 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-03-25 | N/A |
| This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state. | ||||
| CVE-2026-28868 | 1 Apple | 4 Ios And Ipados, Macos, Visionos and 1 more | 2026-03-25 | N/A |
| A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory. | ||||
| CVE-2026-28871 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-03-25 | N/A |
| A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack. | ||||
| CVE-2026-28874 | 1 Apple | 1 Ios And Ipados | 2026-03-25 | N/A |
| The issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may cause an unexpected app termination. | ||||
| CVE-2026-28886 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-03-25 | N/A |
| A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may be able to cause a denial-of-service. | ||||
| CVE-2026-28889 | 1 Apple | 1 Xcode | 2026-03-25 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root. | ||||
| CVE-2026-28890 | 1 Apple | 1 Xcode | 2026-03-25 | N/A |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 26.4. An app may be able to cause unexpected system termination. | ||||
| CVE-2026-28893 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.4. A document may be written to a temporary file when using print preview. | ||||
| CVE-2026-28879 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-03-25 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28892 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system. | ||||
| CVE-2026-23282 | 1 Linux | 1 Linux Kernel | 2026-03-25 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2_unlink() If SMB2_open_init() or SMB2_close_init() fails (e.g. reconnect), the iovs set @rqst will be left uninitialised, hence calling SMB2_open_free(), SMB2_close_free() or smb2_set_related() on them will oops. Fix this by initialising @close_iov and @open_iov before setting them in @rqst. | ||||