Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-21008

    Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-21007

    Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21006

    Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-21005

    Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2025-21004

    Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-21003

    Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Information Disclosure

  • 6.2

    MEDIUM
    CVE-2025-21002

    Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2025-21001

    Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2025-21000

    Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 4.1

    MEDIUM
    CVE-2025-20999

    Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-20998

    Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2025-20997

    Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Misconfiguration

  • 6.7

    MEDIUM
    CVE-2025-20983

    Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 6.7

    MEDIUM
    CVE-2025-20982

    Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.... Read more

    Affected Products : android
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2024-31854

    A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected ... Read more

    Affected Products : sicam_toolbox_ii
    • Published: Jul. 08, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Misconfiguration

  • 8.1

    HIGH
    CVE-2024-31853

    A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's cer... Read more

    Affected Products : sicam_toolbox_ii
    • Published: Jul. 08, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Misconfiguration

  • 7.0

    HIGH
    CVE-2023-52236

    A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Cryptography

  • 9.8

    CRITICAL
    CVE-2025-7173

    A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initia... Read more

    Affected Products : library_system
    • Published: Jul. 08, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-7172

    A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0. This affects an unknown part of the file /headlogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate th... Read more

    Affected Products : crime_reporting_system
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Injection

  • 7.3

    HIGH
    CVE-2025-6744

    The The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shor... Read more

    Affected Products : woodmart
    • Published: Jul. 08, 2025
    • Modified: Jul. 09, 2025
Showing 20 of 291638 Results