VDB

GCVE-110-NCSC-2024-382

GCVE-110-NCSC-2024-382
Advisory PublishedCVSS 9.1/10
Vulnetix · Advisory published September 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor

Weaknesses (CWE)

CWE-275-CWE-122Heap-based Buffer OverflowCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-285Improper AuthorizationCWE-284Improper Access ControlCWE-404Improper Resource Shutdown or ReleaseCWE-942Permissive Cross-domain Policy with Untrusted DomainsCWE-190Integer Overflow or WraparoundCWE-287Improper Authentication

Risk Scores

CVSS 3.1
9.1/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products

VendorProductVersionsPlatforms
appleios__18
appleipados__17.7
appleios__17.7
appleipados__18

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,866 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›