Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-13387 2025-12-02 HIGH 7.2 The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to…
CVE-2025-20792 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20791 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20790 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20789 2025-12-02 MEDIUM 4.4 In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed.…
CVE-2025-20788 2025-12-02 MEDIUM 4.4 In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges…
CVE-2025-20777 2025-12-02 MEDIUM 6.7 In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor…
CVE-2025-20776 2025-12-02 MEDIUM 6.7 In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor…
CVE-2025-20775 2025-12-02 MEDIUM 6.7 In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained…
CVE-2025-20774 2025-12-02 MEDIUM 6.7 In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor…
CVE-2025-20773 2025-12-02 MEDIUM 6.7 In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained…
CVE-2025-20772 2025-12-02 MEDIUM 6.7 In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained…
CVE-2025-20771 2025-12-02 MEDIUM 6.7 In display, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already…
CVE-2025-20770 2025-12-02 MEDIUM 6.7 In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained…
CVE-2025-20769 2025-12-02 LOW 3.4 In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor…
CVE-2025-20768 2025-12-02 HIGH 7.8 In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor…
CVE-2025-20767 2025-12-02 HIGH 7.8 In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has…
CVE-2025-20766 2025-12-02 HIGH 7.8 In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained…
CVE-2025-20765 2025-12-02 MEDIUM 4.7 In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already…
CVE-2025-20764 2025-12-02 HIGH 7.8 In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor…
CVE-2025-20763 2025-12-02 HIGH 7.8 In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor…
CVE-2025-20759 2025-12-02 MEDIUM 6.5 In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has…
CVE-2025-20758 2025-12-02 MEDIUM 4.9 In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20757 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20756 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20755 2025-12-02 MEDIUM 5.3 In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20754 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to…
CVE-2025-20753 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-20752 2025-12-02 MEDIUM 6.5 In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to…
CVE-2025-20751 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to…
CVE-2025-20750 2025-12-02 MEDIUM 5.3 In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a…
CVE-2025-13697 2025-12-02 MEDIUM 6.4 The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘timestamp’…
CVE-2025-12529 2025-12-02 HIGH 8.8 The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() function in all versions up to,…
CVE-2024-45675 2025-12-02 HIGH 8.4 IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password.
CVE-2025-58488 2025-12-02 MEDIUM 4.5 Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this…
CVE-2025-58487 2025-12-02 MEDIUM 4.0 Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege.
CVE-2025-58486 2025-12-02 MEDIUM 4.0 Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
CVE-2025-58485 2025-12-02 MEDIUM 5.5 Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.
CVE-2025-58484 2025-12-02 MEDIUM 4.0 Incorrect default permissions in Samsung Cloud Assistant prior to version 8.0.03.8 allows local attacker to access partial data in sandbox.
CVE-2025-58483 2025-12-02 MEDIUM 5.9 Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store.
CVE-2025-58482 2025-12-02 HIGH 7.3 Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVE-2025-58481 2025-12-02 HIGH 7.3 Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVE-2025-58480 2025-12-02 MEDIUM 4.3 Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58479 2025-12-02 MEDIUM 4.3 Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58478 2025-12-02 MEDIUM 4.3 Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58477 2025-12-02 MEDIUM 4.3 Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVE-2025-58476 2025-12-02 MEDIUM 4.2 Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.
CVE-2025-58475 2025-12-02 MEDIUM 5.6 Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-21080 2025-12-02 MEDIUM 6.2 Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.
CVE-2025-21072 2025-12-02 MEDIUM 5.7 Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
« Anterior Página 260 de 3934 Siguiente »