|
1181
|
10.0 |
CRITICAL
Network
|
ivanti
|
standalone_sentry
|
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
|
CWE-78
OS Command
|
CVE-2026-10520
|
2026-06-12 21:42 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1182
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.
|
CWE-22
Path Traversal
|
CVE-2025-24268
|
2026-06-12 21:38 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1183
|
8.8 |
HIGH
Local
|
apple
|
macos
|
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.
|
CWE-693
Protection Mechanism Failure
|
CVE-2025-24284
|
2026-06-12 21:38 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1184
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information.
|
CWE-693
Protection Mechanism Failure
|
CVE-2025-30431
|
2026-06-12 21:38 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1185
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2025-30459
|
2026-06-12 21:37 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1186
|
7.8 |
HIGH
Local
|
apple
|
macos
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.
|
CWE-269
Improper Privilege Management
|
CVE-2025-31272
|
2026-06-12 21:37 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1187
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to access sensitive user data.
|
CWE-284
Improper Access Control
|
CVE-2025-43339
|
2026-06-12 21:37 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1188
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
|
CWE-59
Link Following
|
CVE-2025-46293
|
2026-06-12 21:36 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1189
|
5.3 |
MEDIUM
Network
|
apple
|
ipados
iphone_os
macos
|
An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information.
|
CWE-284
Improper Access Control
|
CVE-2025-46308
|
2026-06-12 21:36 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1190
|
7.5 |
HIGH
Network
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.
|
CWE-284
Improper Access Control
|
CVE-2025-46315
|
2026-06-12 21:35 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
