Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-21461 2025-08-06 HIGH 7.8 Memory corruption when programming registers through virtual CDM.
CVE-2025-21458 2025-08-06 HIGH 7.8 Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.
CVE-2025-21457 2025-08-06 MEDIUM 6.1 Information disclosure while opening a fastrpc session when domain is not sanitized.
CVE-2025-21456 2025-08-06 HIGH 7.8 Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.
CVE-2025-21455 2025-08-06 HIGH 7.8 Memory corruption while submitting blob data to kernel space though IOCTL.
CVE-2025-21452 2025-08-06 HIGH 7.5 Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.
CVE-2025-7727 2025-08-06 MEDIUM 6.4 The Gutenverse plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Fun Fact blocks in all versions up to, and including, 3.1.0…
CVE-2025-7376 2025-08-06 MEDIUM 5.9 Windows Shortcut Following (.LNK) vulnerability in multiple processes of Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS version 11.00, Mitsubishi Electric GENESIS64…
CVE-2025-21024 2025-08-06 LOW 3.3 Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information.
CVE-2025-21023 2025-08-06 LOW 3.3 Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information.
CVE-2025-21022 2025-08-06 LOW 3.3 Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information.
CVE-2025-21021 2025-08-06 MEDIUM 5.7 Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-21020 2025-08-06 MEDIUM 5.7 Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-21019 2025-08-06 MEDIUM 5.5 Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.
CVE-2025-21018 2025-08-06 MEDIUM 4.4 Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.
CVE-2025-21017 2025-08-06 MEDIUM 6.3 Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-21016 2025-08-06 MEDIUM 4.3 Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs.
CVE-2025-21015 2025-08-06 MEDIUM 4.0 Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.
CVE-2025-21014 2025-08-06 MEDIUM 4.3 Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.
CVE-2025-21013 2025-08-06 MEDIUM 6.2 Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time.
CVE-2025-21012 2025-08-06 MEDIUM 5.5 Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.
CVE-2025-21011 2025-08-06 MEDIUM 5.5 Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.
CVE-2025-21010 2025-08-06 MEDIUM 6.0 Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
CVE-2025-20990 2025-08-06 MEDIUM 4.0 Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.
CVE-2025-8100 2025-08-06 MEDIUM 5.4 The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due…
CVE-2025-7498 2025-08-06 MEDIUM 6.4 The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to…
CVE-2025-7399 2025-08-06 MEDIUM 6.4 The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor display setting in all versions up to, and including, 28.1.3 due to insufficient input…
CVE-2025-6994 2025-08-06 CRITICAL 9.8 The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users…
CVE-2025-54651 2025-08-06 MEDIUM 4.8 Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54650 2025-08-06 MEDIUM 4.2 Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function.
CVE-2025-54649 2025-08-06 MEDIUM 4.5 Vulnerability of using incompatible types to access resources in the location service. Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect.
CVE-2025-54648 2025-08-06 MEDIUM 5.4 Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54647 2025-08-06 MEDIUM 5.4 Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54646 2025-08-06 MEDIUM 5.1 Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance.
CVE-2025-54645 2025-08-06 MEDIUM 5.0 Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54644 2025-08-06 MEDIUM 6.6 Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54643 2025-08-06 MEDIUM 6.6 Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54642 2025-08-06 MEDIUM 6.7 Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54641 2025-08-06 MEDIUM 6.7 Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54640 2025-08-06 MEDIUM 5.5 ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions.
CVE-2025-54639 2025-08-06 MEDIUM 5.5 ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions.
CVE-2025-8595 2025-08-06 MEDIUM 4.3 The Zakra theme for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the welcome_notice_import_handler() function in all versions up to, and including,…
CVE-2025-8420 2025-08-06 HIGH 8.1 The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version less than, or equal to, 2.5.2 via the emd_form_builder_lite_pagenum function. This is…
CVE-2025-54638 2025-08-06 MEDIUM 5.5 Issue of inconsistent read/write serialization in the ad module. Impact: Successful exploitation of this vulnerability may affect the availability of the ad service.
CVE-2025-54637 2025-08-06 MEDIUM 4.4 Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54636 2025-08-06 MEDIUM 4.4 Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54635 2025-08-06 MEDIUM 5.9 Vulnerability of returning released pointers in the distributed notification service. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54634 2025-08-06 HIGH 8.0 Vulnerability of improper processing of abnormal conditions in huge page separation. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54633 2025-08-06 MEDIUM 6.7 Out-of-bounds read vulnerability in the register configuration of the DMA module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54632 2025-08-06 MEDIUM 6.8 Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity.
« Anterior Página 939 de 4305 Siguiente »