ReportizFlow
Filtered by vendor
Subscriptions
Total
5029 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32238 | 3 Codexthemes, Elementor, Wordpress | 3 Thegem, Elementor, Wordpress | 2026-04-28 | 5.4 Medium |
| Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1. | ||||
| CVE-2022-40216 | 1 Wordplus | 1 Better Messages | 2026-04-28 | 4.3 Medium |
| Auth. (subscriber+) Messaging Block Bypass vulnerability in Better Messages plugin <= 1.9.10.69 on WordPress. | ||||
| CVE-2026-35245 | 1 Oracle | 1 Vm Virtualbox | 2026-04-28 | 7.5 High |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | ||||
| CVE-2026-7238 | 1 Code-projects | 1 Online Music Site | 2026-04-28 | 4.7 Medium |
| A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of the argument txtimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-24303 | 1 Microsoft | 1 Partner Center | 2026-04-28 | 9.6 Critical |
| Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-30433 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-28 | 9.8 Critical |
| This issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app. | ||||
| CVE-2025-30438 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-28 | 5.5 Medium |
| This issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was started. | ||||
| CVE-2025-30462 | 1 Apple | 1 Macos | 2026-04-28 | 9.8 Critical |
| A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Apps that appear to use App Sandbox may be able to launch without restrictions. | ||||
| CVE-2025-24218 | 1 Apple | 1 Macos | 2026-04-28 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. An app may be able to access information about a user's contacts. | ||||
| CVE-2025-31258 | 1 Apple | 1 Macos | 2026-04-28 | 6.5 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox. | ||||
| CVE-2025-31212 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-28 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. An app may be able to access sensitive user data. | ||||
| CVE-2025-30436 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-28 | 9.1 Critical |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker may be able to use Siri to enable Auto-Answer Calls. | ||||
| CVE-2025-43192 | 1 Apple | 3 Macos, Sequoia, Sonoma | 2026-04-28 | 9.8 Critical |
| A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. Account-driven User Enrollment may still be possible with Lockdown Mode turned on. | ||||
| CVE-2025-43263 | 1 Apple | 1 Xcode | 2026-04-28 | 7.1 High |
| The issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to read and write files outside of its sandbox. | ||||
| CVE-2025-43317 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2026-04-28 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data. | ||||
| CVE-2025-43291 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-28 | 5.5 Medium |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system. | ||||
| CVE-2025-31268 | 1 Apple | 1 Macos | 2026-04-28 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data. | ||||
| CVE-2025-24088 | 1 Apple | 1 Macos | 2026-04-28 | 7.5 High |
| The issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26. An app may be able to override MDM-enforced settings from profiles. | ||||
| CVE-2025-43308 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-28 | 3.3 Low |
| This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data. | ||||
| CVE-2025-43332 | 1 Apple | 1 Macos | 2026-04-28 | 5.2 Medium |
| A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox. | ||||