|
308841
|
6.1 |
MEDIUM
Local
|
apple
|
macos
iphone_os
ipados
|
A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using pri…
|
NVD-CWE-noinfo
|
CVE-2024-40826
|
2024-09-24 04:25 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308842
|
3.3 |
LOW
Local
|
apple
|
iphone_os
ipados
|
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps.
|
NVD-CWE-noinfo
|
CVE-2024-40830
|
2024-09-24 04:19 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308843
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-40831
|
2024-09-24 04:18 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308844
|
- |
|
-
|
-
|
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 13…
|
-
|
CVE-2024-25073
|
2024-09-24 04:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308845
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.
|
NVD-CWE-noinfo
|
CVE-2024-27860
|
2024-09-24 04:10 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308846
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
|
NVD-CWE-noinfo
|
CVE-2024-40837
|
2024-09-24 03:50 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308847
|
6.5 |
MEDIUM
Network
|
backstage
|
backstage
|
Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak …
|
CWE-22
Path Traversal
|
CVE-2024-45816
|
2024-09-24 03:41 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308848
|
6.5 |
MEDIUM
Network
|
backstage
|
backstage
|
Backstage is an open framework for building developer portals. A malicious actor with authenticated access to a Backstage instance with the catalog backend plugin installed is able to interrupt the s…
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2024-45815
|
2024-09-24 03:31 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308849
|
5.4 |
MEDIUM
Network
|
backstage
|
backstage
|
Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-46976
|
2024-09-24 03:27 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308850
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8907
|
2024-09-24 03:23 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
