5.3

CVSS4.0

CVE-2025-3412 - mymagicpower AIAS InferController.java server-side request forgery

A vulnerability, which was classified as critical, was found in mymagicpower AIAS 20250308. Affected is an unknown function of the file 2_training_platform/train-platform/src/main/java/top/aias/training/controller/InferController.java. The manipulation of the argument url leads to server-side reque…

πŸ“… Published: April 8, 2025, 5:31 a.m. πŸ”„ Last Modified: Sept. 4, 2025, 3:40 p.m.

5.3

CVSS4.0

CVE-2025-3411 - mymagicpower AIAS AsrController.java server-side request forgery

A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308. This issue affects some unknown processing of the file 3_api_platform/api-platform/src/main/java/top/aias/platform/controller/AsrController.java. The manipulation of the argument url leads to server-sid…

πŸ“… Published: April 8, 2025, 5 a.m. πŸ”„ Last Modified: Sept. 4, 2025, 3:40 p.m.

5.3

CVSS4.0

CVE-2025-3410 - mymagicpower AIAS LocalStorageController.java unrestricted upload

A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This vulnerability affects unknown code of the file training_platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. The manipulation of the argument File leads to unrestricted up…

πŸ“… Published: April 8, 2025, 5 a.m. πŸ”„ Last Modified: Sept. 4, 2025, 3:40 p.m.

8.8

CVSS3.1

CVE-2025-20946 -

Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.

πŸ“… Published: April 8, 2025, 4:50 a.m. πŸ”„ Last Modified: Feb. 26, 2026, 6:28 p.m.

5.4

CVSS3.1

CVE-2025-20939 -

Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices.

πŸ“… Published: April 8, 2025, 4:49 a.m. πŸ”„ Last Modified: Jan. 27, 2026, 5:54 p.m.

5.1

CVSS3.1

CVE-2025-20951 -

Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.

πŸ“… Published: April 8, 2025, 4:40 a.m. πŸ”„ Last Modified: July 17, 2025, 6:16 p.m.

4

CVSS3.1

CVE-2025-20950 -

Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.

πŸ“… Published: April 8, 2025, 4:40 a.m. πŸ”„ Last Modified: July 17, 2025, 6:16 p.m.

5.5

CVSS3.1

CVE-2025-20948 -

Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.

πŸ“… Published: April 8, 2025, 4:40 a.m. πŸ”„ Last Modified: Feb. 5, 2026, 2:46 p.m.

5.5

CVSS3.1

CVE-2025-20947 -

Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability.

πŸ“… Published: April 8, 2025, 4:40 a.m. πŸ”„ Last Modified: Feb. 5, 2026, 2:57 p.m.

4

CVSS3.1

CVE-2025-20945 -

Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch.

πŸ“… Published: April 8, 2025, 4:40 a.m. πŸ”„ Last Modified: Jan. 27, 2026, 5:55 p.m.
Total resulsts: 346107
Page 5668 of 34,611
Β« previous page Β» next page
Filters