Total
308570 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7739 | 1 Yzane | 1 Markdown Pdf | 2025-09-02 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-44271 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 3.3 LOW |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator. | |||||
| CVE-2024-54554 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data. | |||||
| CVE-2024-54568 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 4.3 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination. | |||||
| CVE-2025-43187 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 7.8 HIGH |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code. | |||||
| CVE-2025-43255 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 3.3 LOW |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination. | |||||
| CVE-2025-43268 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 7.8 HIGH |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges. | |||||
| CVE-2025-43284 | 1 Apple | 1 Macos | 2025-09-02 | N/A | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to cause unexpected system termination. | |||||
| CVE-2025-3576 | 2025-09-02 | N/A | 5.9 MEDIUM | ||
| A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. | |||||
| CVE-2025-8067 | 2025-09-02 | N/A | 8.5 HIGH | ||
| A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users. | |||||
| CVE-2025-5914 | 2 Libarchive, Redhat | 3 Libarchive, Enterprise Linux, Openshift Container Platform | 2025-09-02 | N/A | 7.3 HIGH |
| A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. | |||||
| CVE-2025-58421 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-58420 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-58419 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-58418 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-58417 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-58416 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-58415 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-58414 | 2025-09-02 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-4373 | 2025-09-02 | N/A | 4.8 MEDIUM | ||
| A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite. | |||||