Total
319 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44223 | 1 Apple | 1 Macos | 2025-01-06 | 4.6 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window. | ||||
| CVE-2024-56317 | 2025-01-02 | 7.5 High | ||
| In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no entries are restored by access-control-server.cpp, i.e., a denial of service. | ||||
| CVE-2024-22177 | 1 Openatom | 1 Openharmony | 2025-01-02 | 3.3 Low |
| in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission. | ||||
| CVE-2024-37649 | 2024-12-31 | 4.6 Medium | ||
| Insecure Permissions vulnerability in SecureSTATION v.2.5.5.3116-S50-SMA-B20160811A and before allows a physically proximate attacker to obtain sensitive information via the modification of user credentials. | ||||
| CVE-2024-54515 | 1 Apple | 1 Macos | 2024-12-21 | 7.8 High |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2. A malicious app may be able to gain root privileges. | ||||
| CVE-2024-54465 | 1 Apple | 1 Macos | 2024-12-21 | 9.8 Critical |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2. An app may be able to elevate privileges. | ||||
| CVE-2024-21816 | 1 Openatom | 1 Openharmony | 2024-12-16 | 4 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions. | ||||
| CVE-2024-41644 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 9.8 Critical |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component. | ||||
| CVE-2024-41645 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 9.8 Critical |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl. | ||||
| CVE-2024-41646 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 9.8 Critical |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_dwb_controller. | ||||
| CVE-2024-41648 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 7.1 High |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_pursuit_controller. | ||||
| CVE-2024-41649 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 9.8 Critical |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_. | ||||
| CVE-2024-41650 | 1 Openrobotics | 1 Robot Operating System | 2024-12-13 | 7.1 High |
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d. | ||||
| CVE-2024-54484 | 1 Apple | 1 Macos | 2024-12-13 | 5.5 Medium |
| The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-54513 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-13 | 5.7 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to access sensitive user data. | ||||
| CVE-2024-50930 | 2024-12-12 | 8.8 High | ||
| An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code. | ||||
| CVE-2024-50928 | 2024-12-12 | 6.5 Medium | ||
| Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to change the wakeup interval of end devices in controller memory, disrupting the device's communications with the controller. | ||||
| CVE-2024-50924 | 2024-12-12 | 6.5 Medium | ||
| Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause disrupt communications between the controller and the device itself via repeatedly sending crafted packets to the controller. | ||||
| CVE-2024-50921 | 2024-12-12 | 6.5 Medium | ||
| Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause a Denial of Service (DoS) via repeatedly sending crafted packets to the controller. | ||||
| CVE-2024-40824 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-12-11 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, tvOS 17.6. An app may be able to bypass Privacy preferences. | ||||