Latest CVE Feed
-
5.9
MEDIUMCVE-2024-25073
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, ... Read more
- Published: Sep. 10, 2024
- Modified: Jul. 01, 2025
-
5.1
MEDIUMCVE-2024-45185
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, Modem 5300. There is an out-of-bounds write due to a heap ov... Read more
- Published: Nov. 04, 2024
- Modified: Jul. 01, 2025
-
7.5
HIGHCVE-2025-26783
An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.... Read more
Affected Products : exynos_2100_firmware exynos_2200_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_modem_5300_firmware exynos_2100 exynos_2200 exynos_1280 exynos_1380 +10 more products- Published: May. 14, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Denial of Service
-
8.4
HIGHCVE-2024-32502
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper reference count checking, which can result ... Read more
Affected Products : exynos_850_firmware exynos_1080_firmware exynos_2100_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_w920_firmware exynos_850 exynos_1080 exynos_2100 +6 more products- Published: Jun. 07, 2024
- Modified: Jul. 01, 2025
-
6.5
MEDIUMCVE-2024-56427
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds... Read more
- Published: May. 14, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
9.1
CRITICALCVE-2025-27891
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-boun... Read more
- Published: May. 14, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2024-55569
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-o... Read more
- Published: May. 14, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2024-50600
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malf... Read more
Affected Products : exynos_980_firmware exynos_850_firmware exynos_1080_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_w920_firmware exynos_980 exynos_850 exynos_1080 +10 more products- Published: Mar. 06, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
7.2
HIGHCVE-2025-6841
A vulnerability has been found in code-projects Product Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument ID leads to sql injection. The attack ca... Read more
Affected Products : product_inventory_system- Published: Jun. 29, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Injection
-
10.0
CRITICALCVE-2025-1864
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9.... Read more
Affected Products : radare2- Published: Mar. 03, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
10.0
CRITICALCVE-2025-1744
Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.... Read more
Affected Products : radare2- Published: Feb. 28, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Memory Corruption
-
7.2
HIGHCVE-2025-6842
A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit_user.php. The manipulation of the argument ID leads to sql injection. The attack may be ... Read more
Affected Products : product_inventory_system- Published: Jun. 29, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-47787
Emlog is an open source website building system. Emlog Pro prior to version 2.5.10 contains a file upload vulnerability. The store.php component contains a critical security flaw where it fails to properly validate the contents of remotely downloaded ZIP ... Read more
Affected Products : emlog- Published: May. 15, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Authentication
-
5.4
MEDIUMCVE-2024-39730
IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ... Read more
- Published: Jun. 28, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Cross-Site Request Forgery
-
4.3
MEDIUMCVE-2025-36026
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The... Read more
- Published: Jun. 28, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Authentication
-
5.4
MEDIUMCVE-2025-36027
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click action... Read more
- Published: Jun. 28, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Cross-Site Request Forgery
-
9.1
CRITICALCVE-2024-37770
14Finger v1.1 was discovered to contain a remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.... Read more
Affected Products : 14finger- Published: Jul. 10, 2024
- Modified: Jul. 01, 2025
-
7.5
HIGHCVE-2024-37767
Insecure permissions in the component /api/admin/user of 14Finger v1.1 allows attackers to access all user information via a crafted GET request.... Read more
Affected Products : 14finger- Published: Jul. 05, 2024
- Modified: Jul. 01, 2025
-
8.1
HIGHCVE-2025-53098
Roo Code is an AI-powered autonomous coding agent. The project-specific MCP configuration for the Roo Code agent is stored in the `.roo/mcp.json` file within the VS Code workspace. Because the MCP configuration format allows for execution of arbitrary com... Read more
Affected Products : roo_code- Published: Jun. 27, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Misconfiguration
-
4.3
MEDIUMCVE-2024-23937
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the debug interface. ... Read more
Affected Products : gecko_os- Published: Jan. 31, 2025
- Modified: Jul. 01, 2025
- Vuln Type: Information Disclosure