CVE-2025-8100 - Elementor Addons and Templates Stored Cross-Site Scripting
CVE ID : CVE-2025-8100
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8100
Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago
Description : The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20990 - Western Digital External Hard Drive Device Node Access Control Vulnerability
CVE ID : CVE-2025-20990
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20990
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21010 - SamsungAccount Privilege Escalation Vulnerability
CVE ID : CVE-2025-21010
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21010
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21011 - Samsung Galaxy Watch Unauthenticated Sensor Data Exposure
CVE ID : CVE-2025-21011
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21011
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21012 - Samsung Galaxy Watch Fall Detection Access Control Vulnerability
CVE ID : CVE-2025-21012
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21012
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21013 - Samsung Galaxy Watch SemSensorManager Access Control Bypass
CVE ID : CVE-2025-21013
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21013
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21014 - Android Emergency SoS Component Export Vulnerability
CVE ID : CVE-2025-21014
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21014
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21015 - "Acme Document Scanner Path Traversal Vulnerability (Local File Deletion)"
CVE ID : CVE-2025-21015
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21015
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21016 - PkgPredictorService Android Improper Access Control Vulnerability
CVE ID : CVE-2025-21016
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21016
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21017 - Blockchain Keystore Out-of-bounds Write Vulnerability
CVE ID : CVE-2025-21017
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21017
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21018 - Blockchain Keystore OOB Read Vulnerability
CVE ID : CVE-2025-21018
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21018
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21019 - Samsung Health Authorization Bypass Vulnerability
CVE ID : CVE-2025-21019
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21019
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21020 - Blockchain Keystore OOB Write Vulnerability
CVE ID : CVE-2025-21020
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21020
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21021 - Blockchain Keystore Out-of-Bounds Write Vulnerability
CVE ID : CVE-2025-21021
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21021
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21022 - Galaxy Wearable Information Disclosure Vulnerability
CVE ID : CVE-2025-21022
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21022
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21023 - Samsung Galaxy Watch Local File Access Vulnerability
CVE ID : CVE-2025-21023
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21023
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21024 - Android Smart View Implicit Intent Information Disclosure Vulnerability
CVE ID : CVE-2025-21024
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21024
Published : Aug. 6, 2025, 5:15 a.m. | 1 hour, 20 minutes ago
Description : Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21465 - Cisco Networking Equipment Information Disclosure
CVE ID : CVE-2025-21465
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Information disclosure while processing the hash segment in an MBN file.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21465
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Information disclosure while processing the hash segment in an MBN file.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21472 - Citrix eSE Debug Information Disclosure Vulnerability
CVE ID : CVE-2025-21472
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Information disclosure while capturing logs as eSE debug messages are logged.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21472
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Information disclosure while capturing logs as eSE debug messages are logged.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21473 - Cisco Camera Data Mover (CDM) Register Write Memory Corruption Vulnerability
CVE ID : CVE-2025-21473
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21473
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21474 - Samsung Android A2dp Sink Command Queue Memory Corruption Vulnerability
CVE ID : CVE-2025-21474
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Memory corruption while processing commands from A2dp sink command queue.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21474
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 20 minutes ago
Description : Memory corruption while processing commands from A2dp sink command queue.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...