Total
9776 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2260 | 1 Stardict | 1 Stardict | 2025-11-04 | N/A |
| stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2023-42936 | 1 Apple | 8 Ipados, Iphone Os, Macos and 5 more | 2025-11-04 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access user-sensitive data. | ||||
| CVE-2023-42934 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-11-04 | 4.2 Medium |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app with root privileges may be able to access private information. | ||||
| CVE-2023-42884 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-11-04 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. An app may be able to disclose kernel memory. | ||||
| CVE-2023-41987 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data. | ||||
| CVE-2023-41260 | 1 Bestpractical | 1 Request Tracker | 2025-11-04 | 7.5 High |
| Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls. | ||||
| CVE-2023-41259 | 1 Bestpractical | 1 Request Tracker | 2025-11-04 | 7.5 High |
| Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call. | ||||
| CVE-2023-40411 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| This issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14. An app may be able to access user-sensitive data. | ||||
| CVE-2023-40403 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2025-11-04 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information. | ||||
| CVE-2023-28708 | 2 Apache, Redhat | 3 Tomcat, Enterprise Linux, Jboss Enterprise Web Server | 2025-11-04 | 4.3 Medium |
| When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel. Older, EOL versions may also be affected. | ||||
| CVE-2025-59260 | 1 Microsoft | 7 Server, Windows Server, Windows Server 2016 and 4 more | 2025-11-04 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-59214 | 1 Microsoft | 20 Windows, Windows 10, Windows 10 1507 and 17 more | 2025-11-04 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59209 | 1 Microsoft | 19 Windows, Windows 10, Windows 10 1507 and 16 more | 2025-11-04 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-59188 | 1 Microsoft | 6 Windows Server, Windows Server 2012, Windows Server 2016 and 3 more | 2025-11-04 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-55699 | 1 Microsoft | 18 Windows, Windows 10, Windows 10 1507 and 15 more | 2025-11-04 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-55683 | 1 Microsoft | 7 Windows, Windows Server, Windows Server 2016 and 4 more | 2025-11-04 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-55679 | 1 Microsoft | 15 Windows, Windows 10, Windows 10 1809 and 12 more | 2025-11-04 | 5.1 Medium |
| Improper input validation in Windows Kernel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-59294 | 1 Microsoft | 18 Windows, Windows 10, Windows 10 1507 and 15 more | 2025-11-04 | 2.1 Low |
| Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack. | ||||
| CVE-2025-59284 | 1 Microsoft | 8 Windows, Windows 11, Windows 11 22h2 and 5 more | 2025-11-04 | 3.3 Low |
| Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally. | ||||
| CVE-2025-59211 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-11-04 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. | ||||