6

CVSS3.1

CVE-2025-20658 -

In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: Mโ€ฆ

๐Ÿ“… Published: April 7, 2025, 3:14 a.m. ๐Ÿ”„ Last Modified: April 9, 2025, 3:20 p.m.

6.7

CVSS3.1

CVE-2025-20657 -

In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.

๐Ÿ“… Published: April 7, 2025, 3:14 a.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 6:28 p.m.

6.8

CVSS3.1

CVE-2025-20656 -

In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; โ€ฆ

๐Ÿ“… Published: April 7, 2025, 3:14 a.m. ๐Ÿ”„ Last Modified: April 9, 2025, 3:29 p.m.

5.3

CVSS3.1

CVE-2025-20655 -

In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183.

๐Ÿ“… Published: April 7, 2025, 3:14 a.m. ๐Ÿ”„ Last Modified: April 9, 2025, 3:37 p.m.

9.8

CVSS3.1

CVE-2025-20654 -

In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875.

๐Ÿ“… Published: April 7, 2025, 3:14 a.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 6:28 p.m.

6.9

CVSS4.0

CVE-2025-3333 - codeprojects Online Restaurant Management System menu_update.php sql injection

A vulnerability has been found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menu_update.php. The manipulation of the argument menu leads to sql injection. The attack can be launched โ€ฆ

๐Ÿ“… Published: April 7, 2025, 3 a.m. ๐Ÿ”„ Last Modified: April 29, 2025, 7:39 p.m.

3.3

CVSS3.1

CVE-2025-27534 - arkcompiler_ets_runtime has an out-of-bounds read vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.

๐Ÿ“… Published: April 7, 2025, 2:35 a.m. ๐Ÿ”„ Last Modified: Oct. 16, 2025, 3:01 p.m.

3.3

CVSS3.1

CVE-2025-25057 - third_party_NuttX has a memory leak vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.

๐Ÿ“… Published: April 7, 2025, 2:35 a.m. ๐Ÿ”„ Last Modified: Oct. 16, 2025, 3:01 p.m.

3.3

CVSS3.1

CVE-2025-24304 - arkcompiler_ets_runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write.

๐Ÿ“… Published: April 7, 2025, 2:35 a.m. ๐Ÿ”„ Last Modified: Oct. 16, 2025, 3:02 p.m.

6.5

CVSS3.1

CVE-2025-22851 - Liteos_A has an integer overflow vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow.

๐Ÿ“… Published: April 7, 2025, 2:35 a.m. ๐Ÿ”„ Last Modified: Oct. 16, 2025, 3 p.m.
Total resulsts: 349182
Page 5994 of 34,919
ยซ previous page ยป next page
Filters