4

CVSS3.1

CVE-2023-21471 -

Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission.

πŸ“… Published: Sept. 3, 2025, 5:17 a.m. πŸ”„ Last Modified: Sept. 5, 2025, 4:46 p.m.

4

CVSS3.1

CVE-2023-21470 -

Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.

πŸ“… Published: Sept. 3, 2025, 5:17 a.m. πŸ”„ Last Modified: Sept. 19, 2025, 8:36 p.m.

4

CVSS3.1

CVE-2023-21469 -

Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.

πŸ“… Published: Sept. 3, 2025, 5:17 a.m. πŸ”„ Last Modified: Sept. 19, 2025, 8:36 p.m.

5.9

CVSS3.1

CVE-2023-21468 -

Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.

πŸ“… Published: Sept. 3, 2025, 5:17 a.m. πŸ”„ Last Modified: Sept. 19, 2025, 8:37 p.m.

4.6

CVSS3.1

CVE-2023-21467 -

Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted message.

πŸ“… Published: Sept. 3, 2025, 5:16 a.m. πŸ”„ Last Modified: Sept. 8, 2025, 2:58 p.m.

5.3

CVSS3.1

CVE-2023-21466 -

PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission.

πŸ“… Published: Sept. 3, 2025, 5:16 a.m. πŸ”„ Last Modified: Sept. 8, 2025, 3:02 p.m.

7.7

CVSS4.0

CVE-2025-9785 - Misconfigured certificate validation with self-signed certificates for Print Deploy

PaperCut Print Deploy is an optional component that integrates with PaperCut NG/MF which simplifies printer deployment and management. When the component is deployed to an environment, the customer has an option to configure the system to use a self-signed certificate. If the customer does not full…

πŸ“… Published: Sept. 3, 2025, 4:14 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2025-58176 - Dive's improper processing of custom urls can lead to Remote Code Execution

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, `transport` in the JSON object. An attacker can exploit the vulner…

πŸ“… Published: Sept. 3, 2025, 3:52 a.m. πŸ”„ Last Modified: Sept. 11, 2025, 9:20 p.m.

6.8

CVSS3.1

CVE-2025-58351 - Outline's Local File Storage Feature can Cause CSP Bypass

Outline is a service that allows for collaborative documentation. In versions 0.72.0 through 0.83.0, Outline introduced a feature which facilitates local file system storage capabilities as an optional file storage strategy. This feature allowed a CSP bypass as well as a ContentType bypass that mig…

πŸ“… Published: Sept. 3, 2025, 3:20 a.m. πŸ”„ Last Modified: Oct. 20, 2025, 6:46 p.m.

8.6

CVSS4.0

CVE-2025-58163 - FreeScout's deserialization of untrusted data can lead to Remote Code Execution

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.185 and earlier contain a deserialization of untrusted data vulnerability that allows authenticated attackers with knowledge of the application's APP_KEY to achieve remote code execution. The vulnerabili…

πŸ“… Published: Sept. 3, 2025, 1:34 a.m. πŸ”„ Last Modified: Sept. 8, 2025, 3:03 p.m.
Total resulsts: 349182
Page 4043 of 34,919
Β« previous page Β» next page
Filters