Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2021-25633

    LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerabili... Read more

    Affected Products : debian_linux libreoffice
    • EPSS Score: %0.29
    • Published: Oct. 11, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-25631

    In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an exec... Read more

    Affected Products : libreoffice
    • EPSS Score: %1.32
    • Published: May. 03, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25630

    "loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user. Before doing anything else "loolforkit" checks, if it was invoked by the "lool" user, and refuses to run with privileges, if it's not the case. In th... Read more

    Affected Products : online
    • EPSS Score: %0.04
    • Published: Feb. 23, 2021
    • Modified: Nov. 21, 2024

  • 3.8

    LOW
    CVE-2021-25527

    Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.... Read more

    Affected Products : pay samsung_pay
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-25526

    Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows attacker to execute privileged action.... Read more

    Affected Products : blockchain_wallet
    • EPSS Score: %0.05
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-25525

    Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition.... Read more

    Affected Products : pay samsung_pay
    • EPSS Score: %0.10
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25524

    Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID.... Read more

    Affected Products : contacts
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25523

    Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID.... Read more

    Affected Products : dialer
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-25522

    Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission.... Read more

    Affected Products : smart_capture
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25521

    Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.... Read more

    Affected Products : internet
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-25520

    Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.... Read more

    Affected Products : internet
    • EPSS Score: %0.45
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25519

    An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-25518

    An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25517

    An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-25516

    An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.... Read more

    Affected Products : android dex
    • EPSS Score: %0.12
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25515

    An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-25514

    An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.... Read more

    Affected Products : android dex
    • EPSS Score: %0.07
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-25513

    An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25512

    An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25511

    An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291384 Results