Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-20992 |
Description: Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory.
CVSS: MEDIUM (4.0) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20991 |
Description: Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable.
CVSS: MEDIUM (4.0) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20989 |
Description: Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key.
CVSS: MEDIUM (5.2) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20988 |
Description: Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20987 |
Description: Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token.
CVSS: MEDIUM (5.2) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20986 |
Description: Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots.
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20985 |
Description: Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items.
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20984 |
Description: Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.
CVSS: MEDIUM (6.8) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-20981 |
Description: Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information.
CVSS: MEDIUM (6.2) EPSS Score: 0.01%
June 4th, 2025 (5 days ago)
|
|
CVE-2025-5560 |
Description: A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in PHPGurukul Curfew e-Pass Management System 1.0 ausgemacht. Es betrifft eine unbekannte Funktion der Datei /index.php. Durch das Manipulieren des Arguments searchdata mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
June 4th, 2025 (5 days ago)
|