CVE-2024-27789

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-922
View all →

Vulnerability Description

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Ventura 13.6.7, macOS Sonoma 14.4. An app may be able to access user-sensitive data.

Related Vulnerabilities

CVE-2018-20886

MEDIUM
CVSS:5.3(Medium)

cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418).

CWE-9222018

CVE-2019-14957

MEDIUM
CVSS:5.3(Medium)

The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository.

CWE-9222019

CVE-2019-4549

MEDIUM
CVSS:5.3(Medium)

IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165951.

CWE-9222019

CVE-2020-13937

MEDIUM
CVSS:5.3(Medium)

Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3...

CWE-9222020

CVE-2022-32833

MEDIUM
CVSS:5.3(Medium)

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to acce...

CWE-9222022

CVE-2023-37521

MEDIUM
CVSS:5.3(Medium)

HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack.

CWE-9222023