CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2025-55023 - Fortinet SSL/TLS Weakness

CVE ID : CVE-2025-55023
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55024 - Apache HTTP Server Authentication Bypass

CVE ID : CVE-2025-55024
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-55025 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-55025
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-55026 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-55026
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-55027 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-55027
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-6994 - Smartdatasoft WordPress Reveal Listing Plugin Privilege Escalation

CVE ID : CVE-2025-6994
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users who are registering new accounts to set their own role by supplying the 'listing_user_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
Severity: 9.8 | CRITICAL
CVE-2025-7399 - Elementor Stored Cross-Site Scripting in Betheme Theme for WordPress

CVE ID : CVE-2025-7399
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor display setting in all versions up to, and including, 28.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
CVE-2025-7498 - Elementor Exclusive Addons Stored Cross-Site Scripting

CVE ID : CVE-2025-7498
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
CVE-2025-8100 - Elementor Addons and Templates Stored Cross-Site Scripting

CVE ID : CVE-2025-8100
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 5.4 | MEDIUM
CVE-2025-20990 - Western Digital External Hard Drive Device Node Access Control Vulnerability

CVE ID : CVE-2025-20990
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.
Severity: 4.0 | MEDIUM
CVE-2025-21010 - SamsungAccount Privilege Escalation Vulnerability

CVE ID : CVE-2025-21010
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
Severity: 6.0 | MEDIUM
CVE-2025-21011 - Samsung Galaxy Watch Unauthenticated Sensor Data Exposure

CVE ID : CVE-2025-21011
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.
Severity: 5.5 | MEDIUM
CVE-2025-21012 - Samsung Galaxy Watch Fall Detection Access Control Vulnerability

CVE ID : CVE-2025-21012
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.
Severity: 5.5 | MEDIUM
CVE-2025-21013 - Samsung Galaxy Watch SemSensorManager Access Control Bypass

CVE ID : CVE-2025-21013
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time.
Severity: 6.2 | MEDIUM
CVE-2025-21014 - Android Emergency SoS Component Export Vulnerability

CVE ID : CVE-2025-21014
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.
Severity: 4.3 | MEDIUM
CVE-2025-21015 - Acme Document Scanner Path Traversal Vulnerability (Local File Deletion)

CVE ID : CVE-2025-21015
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.
Severity: 4.0 | MEDIUM
CVE-2025-21016 - PkgPredictorService Android Improper Access Control Vulnerability

CVE ID : CVE-2025-21016
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs.
Severity: 4.3 | MEDIUM
CVE-2025-21017 - Blockchain Keystore Out-of-bounds Write Vulnerability

CVE ID : CVE-2025-21017
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 6.3 | MEDIUM
CVE-2025-21018 - Blockchain Keystore OOB Read Vulnerability

CVE ID : CVE-2025-21018
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.
Severity: 4.4 | MEDIUM
CVE-2025-21019 - Samsung Health Authorization Bypass Vulnerability

CVE ID : CVE-2025-21019
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.
Severity: 5.5 | MEDIUM
CVE-2025-21020 - Blockchain Keystore OOB Write Vulnerability

CVE ID : CVE-2025-21020
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 5.7 | MEDIUM