Total
32129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38312 | 1 Mozilla | 1 Firefox | 2025-03-19 | N/A | 6.5 MEDIUM |
| When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127. | |||||
| CVE-2024-27853 | 1 Apple | 1 Macos | 2025-03-19 | N/A | 4.4 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. A maliciously crafted ZIP archive may bypass Gatekeeper checks. | |||||
| CVE-2022-43969 | 1 Ricoh | 154 Im 2500, Im 2500 Firmware, Im 2702 and 151 more | 2025-03-19 | N/A | 9.1 CRITICAL |
| Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials. | |||||
| CVE-2025-24159 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-03-19 | N/A | 7.8 HIGH |
| A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2025-24109 | 1 Apple | 1 Macos | 2025-03-19 | N/A | 5.5 MEDIUM |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data. | |||||
| CVE-2024-44152 | 1 Apple | 1 Macos | 2025-03-19 | N/A | 7.5 HIGH |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. | |||||
| CVE-2025-26706 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 5.4 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.07. | |||||
| CVE-2024-0020 | 1 Google | 1 Android | 2025-03-19 | N/A | 5.5 MEDIUM |
| In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-26705 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 5.3 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | |||||
| CVE-2025-26704 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 6.4 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. | |||||
| CVE-2025-26703 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 4.3 MEDIUM |
| Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | |||||
| CVE-2025-26702 | 1 Zte | 1 Goldendb | 2025-03-19 | N/A | 4.9 MEDIUM |
| Improper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. | |||||
| CVE-2024-26795 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-03-19 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: riscv: Sparse-Memory/vmemmap out-of-bounds fix Offset vmemmap so that the first page of vmemmap will be mapped to the first page of physical memory in order to ensure that vmemmap’s bounds will be respected during pfn_to_page()/page_to_pfn() operations. The conversion macros will produce correct SV39/48/57 addresses for every possible/valid DRAM_BASE inside the physical memory limits. v2:Address Alex's comments | |||||
| CVE-2021-47006 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook The commit 1879445dfa7b ("perf/core: Set event's default ::overflow_handler()") set a default event->overflow_handler in perf_event_alloc(), and replace the check event->overflow_handler with is_default_overflow_handler(), but one is missing. Currently, the bp->overflow_handler can not be NULL. As a result, enable_single_step() is always not invoked. Comments from Zhen Lei: https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210207105934.2001-1-thunder.leizhen@huawei.com/ | |||||
| CVE-2022-44595 | 1 Melapress | 1 Wp 2fa | 2025-03-19 | N/A | 5.3 MEDIUM |
| Improper Authentication vulnerability in Melapress WP 2FA allows Authentication Bypass.This issue affects WP 2FA: from n/a through 2.2.0. | |||||
| CVE-2024-8900 | 1 Mozilla | 1 Firefox | 2025-03-18 | N/A | 7.5 HIGH |
| An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. | |||||
| CVE-2024-6610 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-03-18 | N/A | 4.3 MEDIUM |
| Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128. | |||||
| CVE-2024-44163 | 1 Apple | 1 Macos | 2025-03-18 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to access private information. | |||||
| CVE-2024-41623 | 1 D3dsecurity | 2 D8801, D8801 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
| An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload | |||||
| CVE-2024-41600 | 1 Talelin | 1 Lin-cms-spring-boot | 2025-03-18 | N/A | 7.5 HIGH |
| Insecure Permissions vulnerability in lin-CMS Springboot v.0.2.1 and before allows a remote attacker to obtain sensitive information via the login method in the UserController.java component. | |||||