5.3

CVSS3.1

CVE-2025-20753 -

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: …

πŸ“… Published: Dec. 2, 2025, 2:34 a.m. πŸ”„ Last Modified: Dec. 4, 2025, 4:48 p.m.

5.3

CVSS3.1

CVE-2025-20792 -

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch …

πŸ“… Published: Dec. 2, 2025, 2:34 a.m. πŸ”„ Last Modified: Dec. 3, 2025, 8:32 p.m.

8.4

CVSS3.1

CVE-2024-45675 - IBM Informix Dynamic Server Authentication Bypass

IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password.

πŸ“… Published: Dec. 2, 2025, 2 a.m. πŸ”„ Last Modified: Feb. 26, 2026, 4:57 p.m.

6.4

CVSS3.1

CVE-2025-13697 - BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Templat…

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the β€˜timestamp’ attribute in all versions up to, and including, 2.2.13 due to insufficient input sanitization and ou…

πŸ“… Published: Dec. 2, 2025, 1:51 a.m. πŸ”„ Last Modified: April 8, 2026, 5:17 p.m.

8.8

CVSS3.1

CVE-2025-12529 - Cost Calculator Builder <= 3.6.3 - Unauthenticated Arbitrary File Deletion

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() function in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to inject arbitrary file paths int…

πŸ“… Published: Dec. 2, 2025, 1:51 a.m. πŸ”„ Last Modified: April 8, 2026, 4:48 p.m.

5.4

CVSS3.0

CVE-2025-55129 -

HackerOne community member Kassem S.(kassem_s94) has reported that username handling in Revive Adserver was still vulnerable to impersonation attacks after the fix for CVE-2025-52672, via several alternate techniques. Homoglyphs based impersonation has been independently reported by other HackerOne…

πŸ“… Published: Dec. 2, 2025, 1:42 a.m. πŸ”„ Last Modified: Dec. 30, 2025, 2:31 p.m.

4.5

CVSS3.1

CVE-2025-58488 -

Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this vulnerability.

πŸ“… Published: Dec. 2, 2025, 1:24 a.m. πŸ”„ Last Modified: Jan. 8, 2026, 4:33 p.m.

4

CVSS3.1

CVE-2025-58487 -

Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege.

πŸ“… Published: Dec. 2, 2025, 1:24 a.m. πŸ”„ Last Modified: Dec. 3, 2025, 5:29 p.m.

4

CVSS3.1

CVE-2025-58486 -

Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.

πŸ“… Published: Dec. 2, 2025, 1:24 a.m. πŸ”„ Last Modified: Dec. 3, 2025, 5:36 p.m.

5.5

CVSS3.1

CVE-2025-58485 -

Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.

πŸ“… Published: Dec. 2, 2025, 1:24 a.m. πŸ”„ Last Modified: Dec. 3, 2025, 5:46 p.m.
Total resulsts: 343928
Page 2333 of 34,393
Β« previous page Β» next page
Filters