Security

CVE ID : CVE-2025-31240

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. Mounting a maliciously crafted AFP network share may lead to system termination.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-31250

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.

Severity: 0.0 | NA


CVE ID : CVE-2025-31251

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

Severity: 0.0 | NA


CVE ID : CVE-2025-31253

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced.

Severity: 0.0 | NA


CVE ID : CVE-2025-31256

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes.

Severity: 0.0 | NA


CVE ID : CVE-2025-31257

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Severity: 0.0 | NA


CVE ID : CVE-2025-31258

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.

Severity: 0.0 | NA


CVE ID : CVE-2025-31259

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be able to gain elevated privileges.

Severity: 0.0 | NA


CVE ID : CVE-2025-31260

Published : May 12, 2025, 10:15 p.m. | 1 hour, 28 minutes ago

Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.

Severity: 0.0 | NA


CVE ID : CVE-2025-46825

Published : May 12, 2025, 11:15 p.m. | 28 minutes ago

Description : Kanboard is project management software that focuses on the Kanban methodology. Versions 1.2.26 through 1.2.44 have a Stored Cross-Site Scripting (XSS) Vulnerability in the `name` parameter of the `http://localhost/?controller=ProjectCreationController&action=create` form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. Note that the default content security policy (CSP) blocks the JavaScript attack, though it can be exploited if an instance is badly configured and the software is vulnerable to CSS injection because of the unsafe-inline on the default CSP. Version 1.2.45 contains a fix for the issue.

Severity: 0.0 | NA


CVE ID : CVE-2025-3632

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial of service in the Hardware Security Module (HSM) due to improper memory allocation of an excessive size.

Severity: 7.5 | HIGH


CVE ID : CVE-2025-46739

Published : May 12, 2025, 5:15 p.m. | 1 hour, 59 minutes ago

Description : An unauthenticated user could discover account credentials via a brute-force attack without rate limiting.

Severity: 8.1 | HIGH


CVE ID : CVE-2025-45779

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.

Severity: 0.0 | NA


CVE ID : CVE-2025-46740

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : An authenticated user without user administrative permissions could change the administrator Account Name.

Severity: 7.5 | HIGH


CVE ID : CVE-2025-46741

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred.

Severity: 5.7 | MEDIUM


CVE ID : CVE-2025-46742

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : Users who were required to change their password could still access system information before changing their password.

Severity: 4.3 | MEDIUM


CVE ID : CVE-2025-46743

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : An authenticated user’s token could be used by another source after the user had logged out prior to the token expiring.

Severity: 6.3 | MEDIUM


CVE ID : CVE-2025-46749

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution.

Severity: 4.3 | MEDIUM


CVE ID : CVE-2025-46745

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : An authenticated user without user-management permissions could view other users’ account information.

Severity: 6.5 | MEDIUM


CVE ID : CVE-2025-46746

Published : May 12, 2025, 5:15 p.m. | 2 hours, 27 minutes ago

Description : An administrator could discover another account’s credentials.

Severity: 5.8 | MEDIUM
