Total
4348 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-61114 | 2 Autobizline, Google | 2 Mysecondline, Android | 2025-11-04 | 7.5 High |
| 2nd Line Android App version v1.2.92 and before (package name com.mysecondline.app), developed by AutoBizLine, Inc., contains an improper access control vulnerability in its authentication mechanism. The server only validates the first character of the user_token, enabling attackers to brute force tokens and perform unauthorized queries on other user accounts. Successful exploitation could result in privacy breaches and unauthorized access to user data. | ||||
| CVE-2025-63423 | 1 Each Italy | 1 Wireless Mini Router | 2025-11-04 | 7.5 High |
| Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 was discovered to store the Administrator password. | ||||
| CVE-2025-61120 | 2 Google, Io Fit | 2 Android, Ag Life Logger App | 2025-11-04 | 7.5 High |
| AG Life Logger Android App version v1.0.2.72 and before (package name com.donki.healthy), developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force account logins feasible. Successful exploitation could result in account compromise, privacy breaches, and abuse of cloud resources. | ||||
| CVE-2025-63422 | 1 Each Italy | 1 Wireless Mini Router | 2025-11-04 | 7.5 High |
| Incorrect access control in the Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to arbitrarily change the administrator username and password via sending a crafted GET request. | ||||
| CVE-2025-61115 | 3 Abc Liquors, Google, Wine | 3 Fine Wine And Spirits App, Android, Wine | 2025-11-04 | 7.5 High |
| ABC Fine Wine & Spirits Android App version v.11.27.5 and before (package name com.cta.abcfinewineandspirits), developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication, allowing attackers to bypass login checks and obtain valid session identifiers. Successful exploitation could result in unauthorized account access, privacy breaches, and misuse of the platform. | ||||
| CVE-2025-61118 | 2 Google, Skytop | 2 Android, Mcarfix App | 2025-11-04 | 7.5 High |
| mCarFix Motorists App version 2.3 (package name com.skytop.mcarfix), developed by Paniel Mwaura, contains improper access control vulnerabilities. Attackers may bypass verification to arbitrarily register accounts, and by tampering with sequential numeric IDs, gain unauthorized access to user data and groups. Successful exploitation could result in fake account creation, privacy breaches, and misuse of the platform. | ||||
| CVE-2025-29270 | 1 Deep Sea Electronics | 1 Dse855 | 2025-11-04 | 10 Critical |
| Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device. | ||||
| CVE-2025-43332 | 1 Apple | 1 Macos | 2025-11-04 | 5.2 Medium |
| A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to break out of its sandbox. | ||||
| CVE-2025-43321 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-11-04 | 5.5 Medium |
| The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data. | ||||
| CVE-2025-43319 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data. | ||||
| CVE-2025-43317 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2025-11-04 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An app may be able to access sensitive user data. | ||||
| CVE-2025-43315 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-11-04 | 5.5 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access user-sensitive data. | ||||
| CVE-2025-43308 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-11-04 | 3.3 Low |
| This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access sensitive user data. | ||||
| CVE-2025-43305 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. A malicious app may be able to access private information. | ||||
| CVE-2025-43291 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-11-04 | 5.5 Medium |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to modify protected parts of the file system. | ||||
| CVE-2025-43285 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data. | ||||
| CVE-2025-31269 | 1 Apple | 3 Macos, Macos Sonoma, Macos Tahoe | 2025-11-04 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8. An app may be able to access protected user data. | ||||
| CVE-2025-31268 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data. | ||||
| CVE-2025-24197 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-11-04 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access sensitive user data. | ||||
| CVE-2024-30146 | 1 Hcltech | 1 Domino Leap | 2025-11-04 | 4.1 Medium |
| Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem. | ||||