5.5

CVSS3.1

CVE-2025-21012 -

Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.

πŸ“… Published: Aug. 6, 2025, 4:23 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

5.5

CVSS3.1

CVE-2025-21011 -

Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.

πŸ“… Published: Aug. 6, 2025, 4:23 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

6

CVSS3.1

CVE-2025-21010 -

Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.

πŸ“… Published: Aug. 6, 2025, 4:23 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

4

CVSS3.1

CVE-2025-20990 -

Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.

πŸ“… Published: Aug. 6, 2025, 4:22 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

9.8

CVSS3.1

CVE-2025-6994 - Reveal Listing <= 3.3 - Unauthenticated Privilege Escalation

The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying 'listing_user_role' field. This makes it possible for…

πŸ“… Published: Aug. 6, 2025, 3:41 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

6.4

CVSS3.1

CVE-2025-7399 - Betheme <= 28.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor display setting in all versions up to, and including, 28.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access an…

πŸ“… Published: Aug. 6, 2025, 3:41 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

6.4

CVSS3.1

CVE-2025-7498 - Exclusive Addons for Elementor <= 2.7.9.4 - Authenticated (Contributor+) Stored Cross-Site Scriptin…

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributo…

πŸ“… Published: Aug. 6, 2025, 3:41 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

5.4

CVSS3.1

CVE-2025-8100 - Element Pack Elementor Addons and Templates <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Si…

The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers…

πŸ“… Published: Aug. 6, 2025, 3:40 a.m. πŸ”„ Last Modified: Aug. 6, 2025, 8:23 p.m.

4.8

CVSS3.1

CVE-2025-54651 -

Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“… Published: Aug. 6, 2025, 2:55 a.m. πŸ”„ Last Modified: Aug. 7, 2025, 7:18 a.m.

4.2

CVSS3.1

CVE-2025-54650 -

Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function.

πŸ“… Published: Aug. 6, 2025, 2:54 a.m. πŸ”„ Last Modified: Aug. 7, 2025, 7:18 a.m.
Total resulsts: 304679
Page 28 of 30,468
Β« previous page Β» next page
Filters