Svi - CERT CVE

Rezultati pretraživanja za 'Od datuma: 30.03.2026.'

ID CVSS Sažetak Zadnje ažurirano Objavljeno
CVE-2025-31960 5.3 HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumer_company parameter during a report-vie 2026-05-07 17:05:54 2026-05-06 19:16:35
CVE-2026-7957 8.8 Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Mediu 2026-05-07 17:04:42 2026-05-06 19:16:44
CVE-2026-43579 6.5 OpenClaw before 2026.4.10 contains an insufficient access control vulnerability in Nostr plugin HTTP profile routes that allows operators with write permissions to persist profile configuration without requiring admin authority. Attackers with operat 2026-05-07 17:04:32 2026-05-06 20:16:33
CVE-2026-43578 9.1 OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion con 2026-05-07 17:04:24 2026-05-06 20:16:33
CVE-2026-43577 6.5 OpenClaw before 2026.4.9 contains a file read vulnerability allowing attackers to bypass navigation guards through browser act/evaluate interactions. Attackers can pivot into the local CDP origin and create or read disallowed file:// pages despite di 2026-05-07 17:04:12 2026-05-06 20:16:33
CVE-2026-43576 7.7 OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop targets. The webSocketDebuggerUrl response field is not properly validate 2026-05-07 17:04:04 2026-05-06 20:16:33
CVE-2026-43575 9.8 OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers can access the noVNC helper route without bridge authenticat 2026-05-07 17:03:55 2026-05-06 20:16:33
CVE-2026-43574 6.5 OpenClaw before 2026.4.12 contains an improper authorization vulnerability in helper-backed channels where empty resolved approver lists are interpreted as explicit approval authorization. Attackers can resolve pending approvals without proper author 2026-05-07 17:03:43 2026-05-05 12:16:21
CVE-2026-43573 7.7 OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in existing-session browser interaction routes. Attackers can bypass SSRF navigation guards to interact with or navigate to unauthorized targets without poli 2026-05-07 17:03:34 2026-05-05 12:16:21
CVE-2026-31723 5.5 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_subset: Fix net_device lifecycle with device_move The net_device is allocated during function instance creation and registered during the bind phase with the gadget 2026-05-07 17:03:30 2026-05-01 15:16:34
ID CVSS Sažetak Zadnje ažurirano Objavljeno
CVE-2018-4451 9.3 This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. 2020-10-30 02:01:00 2020-10-27 20:15:00
CVE-2019-8712 10.0 A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. 2021-07-21 11:39:00 2020-10-27 20:15:00
CVE-2019-8709 9.3 A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl 2021-07-21 11:39:00 2020-10-27 20:15:00
CVE-2019-8824 9.3 A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges 2021-07-21 11:39:00 2020-10-27 20:15:00
CVE-2018-4452 9.3 A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se 2020-10-30 02:00:00 2020-10-27 20:15:00
CVE-2019-8716 10.0 A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. 2021-07-21 11:39:00 2020-10-27 20:15:00
CVE-2019-8836 9.3 A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. 2021-07-21 11:39:00 2020-10-27 20:15:00
CVE-2019-8740 9.3 A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. 2021-07-21 11:39:00 2020-10-27 20:15:00
CVE-2020-27976 10.0 osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. 2020-10-29 23:35:00 2020-10-28 15:15:00
CVE-2019-8539 9.3 A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co 2020-10-30 15:13:00 2020-10-27 20:15:00
Stranica
/731
Zapisa po stranici: