| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2025-20001 | An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafte... | | |
| CVE-2025-20002 | GMOD Apollo Generation of Error Message Containing Sensitive Information | S | |
| CVE-2025-20003 | Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver sof... | | |
| CVE-2025-20004 | Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) ... | | |
| CVE-2025-20006 | Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may... | | |
| CVE-2025-20008 | Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before version 1... | | |
| CVE-2025-20009 | Improper input validation in the UEFI firmware GenerationSetup module for the Intel(R) Server D50DNP... | | |
| CVE-2025-20011 | Communication Dsoftbus has a memory leak vulnerability | | |
| CVE-2025-20012 | Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user ... | | |
| CVE-2025-20013 | Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for I... | | |
| CVE-2025-20014 | mySCADA myPRO Manager OS Command Injection | S | |
| CVE-2025-20015 | Uncontrolled search path element for some Intel(R) Ethernet Connection software before version 29.4 ... | | |
| CVE-2025-20016 | OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provi... | | |
| CVE-2025-20018 | Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to ... | | |
| CVE-2025-20021 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability | | |
| CVE-2025-20022 | Insufficient control flow management for some Edge Orchestrator software for Intel(R) Tiber™ Edge Pl... | | |
| CVE-2025-20024 | Arkcompiler Ets Runtime has an integer overflow vulnerability | | |
| CVE-2025-20026 | Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100... | | |
| CVE-2025-20029 | BIG-IP iControl REST and tmsh vulnerability | | |
| CVE-2025-20030 | Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for I... | | |
| CVE-2025-20031 | Improper input validation for some Intel(R) Graphics Drivers may allow an authenticated user to pote... | | |
| CVE-2025-20032 | Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version... | | |
| CVE-2025-20033 | DoS via custom post type for sysconsole plugin readers | S | |
| CVE-2025-20034 | Improper input validation in the BackupBiosUpdate UEFI firmware SmiVariable driver for the Intel(R) ... | | |
| CVE-2025-20036 | Insufficient Input Validation on Post Props | S | |
| CVE-2025-20039 | Race condition for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may... | | |
| CVE-2025-20041 | Uncontrolled search path for some Intel(R) Graphics software for Intel(R) Arc™ graphics and Intel(R)... | | |
| CVE-2025-20042 | Liteos-A has an out of bounds read vulnerability | | |
| CVE-2025-20043 | Uncontrolled search path for some Intel(R) RealSense™ SDK software before version 2.56.2 may allow a... | | |
| CVE-2025-20045 | BIG-IP SIP MRF Vulnerability | | |
| CVE-2025-20046 | Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may... | | |
| CVE-2025-20047 | Improper locking in the Intel(R) Integrated Connectivity I/O interface (CNVi) for some Intel(R) Core... | | |
| CVE-2025-20049 | Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Cross-site Scripting | S | |
| CVE-2025-20051 | Arbitrary file read via block duplication in Mattermost Boards | S | |
| CVE-2025-20052 | Improper access control for some Intel(R) Graphics software may allow an authenticated user to poten... | | |
| CVE-2025-20054 | Uncaught exception in the core management mechanism for some Intel(R) Processors may allow an authen... | | |
| CVE-2025-20055 | OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided b... | | |
| CVE-2025-20057 | Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platf... | | |
| CVE-2025-20058 | BIG-IP message routing vulnerability | | |
| CVE-2025-20059 | PingAM Java Policy Agent path traversal | | |
| CVE-2025-20060 | Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Exposure of Private Personal Information to an Unauthorized Actor | S | |
| CVE-2025-20061 | mySCADA myPRO Manager OS Command Injection | S | |
| CVE-2025-20062 | Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may... | | |
| CVE-2025-20063 | arkui_ace_engine has a type confusion vulnerability | | |
| CVE-2025-20071 | NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to poten... | | |
| CVE-2025-20072 | Mobile crash via improper validation of proto style in attachments | S | |
| CVE-2025-20075 | Server-side request forgery (SSRF) vulnerability exists in FileMegane versions above 3.0.0.0 prior t... | | |
| CVE-2025-20076 | Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may al... | | |
| CVE-2025-20079 | Uncontrolled search path for some Intel(R) Advisor software may allow an authenticated user to poten... | | |
| CVE-2025-20081 | Communication Dsoftbus has an UAF vulnerability | | |
| CVE-2025-20082 | Time-of-check time-of-use race condition in the UEFI firmware SmiVariable driver for the Intel(R) Se... | | |
| CVE-2025-20083 | Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged user... | | |
| CVE-2025-20084 | Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platf... | | |
| CVE-2025-20086 | Insufficient Input Validation on Post Props | S | |
| CVE-2025-20088 | Insufficient Input Validation on Post Props | S | |
| CVE-2025-20091 | Communication Dsoftbus has an UAF vulnerability | | |
| CVE-2025-20094 | Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.... | | |
| CVE-2025-20095 | Incorrect Default Permissions for some Intel(R) RealSense™ SDK software before version 2.56.2 may al... | | |
| CVE-2025-20097 | Uncaught exception in OpenBMC Firmware for the Intel(R) Server M50FCP Family and Intel(R) Server D50... | | |
| CVE-2025-20100 | Improper access control in the memory controller configurations for some Intel(R) Xeon(R) 6 processo... | | |
| CVE-2025-20101 | Out-of-bounds read for some Intel(R) Graphics Drivers may allow an authenticated user to potentially... | | |
| CVE-2025-20102 | arkcompiler_ets_runtime has an out-of-bounds read vulnerability | | |
| CVE-2025-20103 | Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow a... | | |
| CVE-2025-20104 | Race condition in some Administrative Tools for some Intel(R) Network Adapters package before versio... | | |
| CVE-2025-20108 | Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows 11 ... | | |
| CVE-2025-20111 | Cisco Nexus 3000 and 9000 Series Switches Layer 2 Ethernet Denial of Service Vulnerability | | |
| CVE-2025-20112 | Cisco Unified Communications Products Privilege Escalation Vulnerability | | |
| CVE-2025-20113 | Cisco Unified Intelligence Center Privilege Escalation Vulnerability | | |
| CVE-2025-20114 | Cisco Unified Intelligence Center Insecure Direct Object Reference Vulnerability | | |
| CVE-2025-20115 | Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability | | |
| CVE-2025-20116 | Cisco Application Policy Infrastructure Controller Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20117 | Cisco Application Policy Infrastructure Controller Authenticated Command Injection Vulnerability | | |
| CVE-2025-20118 | Cisco Application Policy Infrastructure Controller Authenticated Command Injection Due to Sensitive Disclosure Vulnerability | | |
| CVE-2025-20119 | Cisco Application Policy Infrastructure Controller Authenticated Local Denial of Service Vulnerability | | |
| CVE-2025-20120 | A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager ... | | |
| CVE-2025-20122 | Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability | | |
| CVE-2025-20123 | Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20124 | Cisco Identity Services Engine Java Deserialization Vulnerability | | |
| CVE-2025-20125 | Cisco Identity Services Engine Insufficient Authorization Bypass Vulnerability | | |
| CVE-2025-20126 | Cisco ThousandEyes Endpoint Agent Certificate Validation Vulnerability | | |
| CVE-2025-20128 | ClamAV OLE2 File Format Decryption Denial of Service Vulnerability | | |
| CVE-2025-20129 | Cisco Customer Collaboration Platform Information Disclosure Vulnerability | | |
| CVE-2025-20130 | Cisco Identity Services Engine Access Control Bypass Vulnerability | | |
| CVE-2025-20137 | A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running o... | | |
| CVE-2025-20138 | Cisco IOS XR Software CLI Privilege Escalation Vulnerability | | |
| CVE-2025-20139 | A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an u... | | |
| CVE-2025-20140 | A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless ... | | |
| CVE-2025-20141 | Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerabillity | | |
| CVE-2025-20142 | Cisco IOS XR Software for ASR 9000 Series Routers L2VPN Denial of Service Vulnerability | | |
| CVE-2025-20143 | Cisco IOS XR Software Secure Boot Bypass Vulnerability | | |
| CVE-2025-20144 | Cisco IOS XR Software Access Control List Bypass Vulnerability | | |
| CVE-2025-20145 | Cisco IOS XR Software Access Control List Bypass Vulnerability | | |
| CVE-2025-20146 | Cisco IOS XR Software for ASR 9000 Series Routers Layer 3 Multicast Routing Denial of Service Vulnerability | | |
| CVE-2025-20147 | Cisco SD-WAN vManage Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20150 | Cisco Nexus Dashboard Username Enumeration Vulnerability | | |
| CVE-2025-20151 | Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability | | |
| CVE-2025-20152 | ISE restart | | |
| CVE-2025-20153 | Cisco ESA mail Bypass | | |
| CVE-2025-20154 | Cisco IOS, IOS XE and IOS XR Software TWAMP Denial of Service Vulnerability | | |
| CVE-2025-20155 | A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, loca... | | |
| CVE-2025-20156 | Cisco Meeting Management Client-Server Privilege Escalation Vulnerability | | |
| CVE-2025-20157 | Cisco Catalyst vManage Certificate Validation Vulnerability | | |
| CVE-2025-20158 | Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability | | |
| CVE-2025-20161 | Cisco NX-OS Software Command Injection Vulnerability | | |
| CVE-2025-20162 | A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauth... | | |
| CVE-2025-20163 | Cisco Nexus Dashboard Fabric Controller SSH Host Key Vulnerability | | |
| CVE-2025-20164 | A vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software co... | | |
| CVE-2025-20165 | Cisco BroadWorks SIP Denial of Service Vulnerability | | |
| CVE-2025-20166 | Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability | | |
| CVE-2025-20167 | Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability | | |
| CVE-2025-20168 | Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability | | |
| CVE-2025-20169 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an... | | |
| CVE-2025-20170 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an... | | |
| CVE-2025-20171 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an... | | |
| CVE-2025-20172 | A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR... | | |
| CVE-2025-20173 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an... | | |
| CVE-2025-20174 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an... | | |
| CVE-2025-20175 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an... | | |
| CVE-2025-20176 | A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an... | | |
| CVE-2025-20177 | Cisco IOS XR Software Image Verification Bypass Vulnerability | | |
| CVE-2025-20178 | Cisco Secure Network Analytics Privilege Escalation Vulnerability | | |
| CVE-2025-20179 | Cisco Expressway Series Cross-Site Scripting Vulnerability | | |
| CVE-2025-20180 | Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability | | |
| CVE-2025-20181 | A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Sw... | | |
| CVE-2025-20182 | Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software and IOS XE Software IKEv2 Denial of Service Vulnerability | | |
| CVE-2025-20183 | Cisco Secure Web Appliance Range Request Bypass Vulnerability | | |
| CVE-2025-20184 | Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability | | |
| CVE-2025-20185 | Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability | | |
| CVE-2025-20186 | A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisc... | | |
| CVE-2025-20187 | Cisco SD-WAN Manager Software Arbitrary File Creation Vulnerability | | |
| CVE-2025-20188 | A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recordin... | E | |
| CVE-2025-20189 | A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR... | | |
| CVE-2025-20190 | A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software c... | | |
| CVE-2025-20191 | Multiple Cisco Products Denial of Service Vulnerability | | |
| CVE-2025-20192 | A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Softwa... | | |
| CVE-2025-20193 | A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authen... | | |
| CVE-2025-20194 | A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authen... | | |
| CVE-2025-20195 | A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauth... | | |
| CVE-2025-20196 | A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS... | | |
| CVE-2025-20197 | A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker wit... | | |
| CVE-2025-20198 | A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker wit... | | |
| CVE-2025-20199 | A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker wit... | | |
| CVE-2025-20200 | A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker wit... | | |
| CVE-2025-20201 | A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker wit... | | |
| CVE-2025-20202 | A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacen... | | |
| CVE-2025-20203 | A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager ... | | |
| CVE-2025-20204 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20205 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20206 | Cisco Secure Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability | | |
| CVE-2025-20207 | Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability | | |
| CVE-2025-20208 | A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) c... | | |
| CVE-2025-20209 | Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability | | |
| CVE-2025-20210 | Cisco Catalyst Center Unprotected API Endpoint | | |
| CVE-2025-20211 | Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability | | |
| CVE-2025-20212 | A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devi... | | |
| CVE-2025-20213 | Cisco Catalyst SDWAN Manager Arbitrary File Overwrite Vulnerability | | |
| CVE-2025-20214 | A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software c... | | |
| CVE-2025-20216 | Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability | | |
| CVE-2025-20221 | A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unau... | | |
| CVE-2025-20223 | A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, r... | | |
| CVE-2025-20226 | Risky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk Enterprise | | |
| CVE-2025-20227 | Information Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard Studio | | |
| CVE-2025-20228 | Maintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise | | |
| CVE-2025-20229 | Remote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp“ directory in Splunk Enterprise | | |
| CVE-2025-20230 | Missing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway App | | |
| CVE-2025-20231 | Sensitive Information Disclosure in Splunk Secure Gateway App | | |
| CVE-2025-20232 | Risky Command Safeguards Bypass in “/app/search/search“ endpoint through “s“ parameter in Splunk Enterprise | | |
| CVE-2025-20233 | Incorrect permissions set by the “chmod“ and “makedirs“ Python functions in Splunk App for Lookup File Editing | | |
| CVE-2025-20234 | ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2025-20236 | Cisco Webex App Client-Side Remote Code Execution Vulnerability | | |
| CVE-2025-20242 | A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE) coul... | | |
| CVE-2025-20246 | A vulnerability in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-si... | | |
| CVE-2025-20247 | A vulnerability in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-si... | | |
| CVE-2025-20250 | A vulnerability in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-si... | | |
| CVE-2025-20255 | A vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated, remo... | | |
| CVE-2025-20256 | Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability | | |
| CVE-2025-20257 | Cisco Secure Network Analytics API Authorization Vulnerability | | |
| CVE-2025-20258 | A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attac... | | |
| CVE-2025-20259 | Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Write Vulnerability | | |
| CVE-2025-20260 | ClamAV PDF Scanning Buffer Overflow Vulnerability | | |
| CVE-2025-20261 | Cisco Integrated Management Controller Privilege Escalation Vulnerability | | |
| CVE-2025-20264 | Cisco Identity Services Engine Authorization Bypass Vulnerability | | |
| CVE-2025-20267 | Cisco Identity Services Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20271 | Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability | | |
| CVE-2025-20273 | Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting vulnerability | | |
| CVE-2025-20275 | Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability | | |
| CVE-2025-20276 | Cisco Unified Contact Center Express Remote Code Execution Vulnerability | | |
| CVE-2025-20277 | Cisco Unified Contact Center Express Path Traversal Vulnerability | | |
| CVE-2025-20278 | Cisco Unified Communications Products Command Injection Vulnerability | | |
| CVE-2025-20279 | Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20281 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability | | |
| CVE-2025-20282 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability | | |
| CVE-2025-20286 | ISE on AWS Static Credential | | |
| CVE-2025-20297 | Reflected Cross-Site Scripting (XSS) on Splunk Enterprise through dashboard PDF generation component | | |
| CVE-2025-20298 | Incorrect permission assignment on Universal Forwarder for Windows during new installation or upgrade | | |
| CVE-2025-20300 | Improper Access Control Lets Low-Privilege Users Suppress Read-Only Alerts in Splunk Enterprise | | |
| CVE-2025-20307 | Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability | | |
| CVE-2025-20308 | Cisco Spaces Connector Privilege Escalation Vulnerability | | |
| CVE-2025-20309 | Cisco Unified Communications Manager Static SSH Credentials Vulnerability | S | |
| CVE-2025-20310 | Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability | | |
| CVE-2025-20319 | Remote Command Execution through Scripted Input Files in Splunk Enterprise | | |
| CVE-2025-20320 | Denial of Service (DoS) through “User Interface - Views“ configuration page in Splunk Enterprise | | |
| CVE-2025-20321 | Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise | | |
| CVE-2025-20322 | Denial of Service (DoS) in Search Head Cluster through Cross-Site Request Forgery (CSRF) in Splunk Enterprise | | |
| CVE-2025-20323 | Missing Access Control of Saved Searches in the Splunk Archiver app | | |
| CVE-2025-20324 | Improper Access Control in System Source Types Configuration in Splunk Enterprise | | |
| CVE-2025-20325 | Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise | | |
| CVE-2025-20611 | Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for I... | | |
| CVE-2025-20612 | Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edg... | | |
| CVE-2025-20615 | Qardio Heart Health IOS Mobile Application Exposure of Private Personal Information to an Unauthorized Actor | M | |
| CVE-2025-20616 | Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platf... | | |
| CVE-2025-20617 | Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exi... | | |
| CVE-2025-20618 | Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before versi... | | |
| CVE-2025-20620 | SQL Injection vulnerability exists in STEALTHONE D220/D340 provided by Y'S corporation. An attacker ... | | |
| CVE-2025-20621 | Webapp crash via object that can't be cast to String in Attachment Field | S | |
| CVE-2025-20623 | Exposure of sensitive information caused by shared microarchitectural predictor state that influence... | | |
| CVE-2025-20624 | Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for I... | | |
| CVE-2025-20626 | Arkcompiler Ets Runtime has an UAF vulnerability | | |
| CVE-2025-20629 | Insecure inherited permissions in the NVM Update Utility for some Intel(R) Ethernet Network Adapter ... | | |
| CVE-2025-20630 | Mobile crash via object that can't be cast to String in Attachment Field | S | |
| CVE-2025-20631 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20632 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20633 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20634 | In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to ... | | |
| CVE-2025-20635 | In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to ... | | |
| CVE-2025-20636 | In secmem, there is a possible out of bounds write due to a missing bounds check. This could lead to... | | |
| CVE-2025-20637 | In network HW, there is a possible system hang due to an uncaught exception. This could lead to remo... | | |
| CVE-2025-20638 | In DA, there is a possible read of uninitialized heap data due to uninitialized data. This could lea... | | |
| CVE-2025-20639 | In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to loc... | | |
| CVE-2025-20640 | In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to loca... | | |
| CVE-2025-20641 | In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to loc... | | |
| CVE-2025-20642 | In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to loc... | | |
| CVE-2025-20643 | In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to loca... | | |
| CVE-2025-20644 | In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to ... | | |
| CVE-2025-20645 | In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lea... | | |
| CVE-2025-20646 | In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could ... | | |
| CVE-2025-20647 | In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote ... | | |
| CVE-2025-20648 | In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to loc... | | |
| CVE-2025-20649 | In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check.... | | |
| CVE-2025-20650 | In da, there is a possible out of bounds write due to a missing bounds check. This could lead to loc... | | |
| CVE-2025-20651 | In da, there is a possible out of bounds read due to a missing bounds check. This could lead to loca... | | |
| CVE-2025-20652 | In V5 DA, there is a possible out of bounds read due to a missing bounds check. This could lead to l... | | |
| CVE-2025-20653 | In da, there is a possible out of bounds read due to an integer overflow. This could lead to local i... | | |
| CVE-2025-20654 | In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This coul... | | |
| CVE-2025-20655 | In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead ... | | |
| CVE-2025-20656 | In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to loc... | | |
| CVE-2025-20657 | In vdec, there is a possible permission bypass due to improper input validation. This could lead to ... | | |
| CVE-2025-20658 | In DA, there is a possible permission bypass due to a logic error. This could lead to local escalati... | | |
| CVE-2025-20659 | In Modem, there is a possible system crash due to improper input validation. This could lead to remo... | | |
| CVE-2025-20660 | In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could le... | | |
| CVE-2025-20661 | In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could le... | | |
| CVE-2025-20662 | In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could le... | | |
| CVE-2025-20663 | In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This cou... | | |
| CVE-2025-20664 | In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This cou... | | |
| CVE-2025-20665 | In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could l... | | |
| CVE-2025-20666 | In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote d... | | |
| CVE-2025-20667 | In Modem, there is a possible information disclosure due to incorrect error handling. This could lea... | | |
| CVE-2025-20668 | In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to lo... | | |
| CVE-2025-20670 | In Modem, there is a possible permission bypass due to improper certificate validation. This could l... | | |
| CVE-2025-20671 | In thermal, there is a possible out of bounds write due to a race condition. This could lead to loca... | | |
| CVE-2025-20672 | In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This ... | | |
| CVE-2025-20673 | In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead t... | | |
| CVE-2025-20674 | In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission ch... | | |
| CVE-2025-20675 | In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead t... | | |
| CVE-2025-20676 | In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead t... | | |
| CVE-2025-20677 | In Bluetooth driver, there is a possible system crash due to an uncaught exception. This could lead ... | | |
| CVE-2025-20678 | In ims service, there is a possible system crash due to incorrect error handling. This could lead to... | | |
| CVE-2025-20680 | In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This ... | | |
| CVE-2025-20681 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20682 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20683 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20684 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20685 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20686 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This co... | | |
| CVE-2025-20687 | In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This c... | | |
| CVE-2025-20688 | In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This cou... | | |
| CVE-2025-20689 | In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This cou... | | |
| CVE-2025-20690 | In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This cou... | | |
| CVE-2025-20691 | In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This cou... | | |
| CVE-2025-20692 | In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This cou... | | |
| CVE-2025-20693 | In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This co... | | |
| CVE-2025-20694 | In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to r... | | |
| CVE-2025-20695 | In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to r... | | |
| CVE-2025-20881 | Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SM... | | |
| CVE-2025-20882 | Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-20... | | |
| CVE-2025-20883 | Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to ... | | |
| CVE-2025-20884 | Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers... | | |
| CVE-2025-20885 | Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged atta... | | |
| CVE-2025-20886 | Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 ... | | |
| CVE-2025-20887 | Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1... | | |
| CVE-2025-20888 | Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Rel... | | |
| CVE-2025-20889 | Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025... | | |
| CVE-2025-20890 | Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows ... | | |
| CVE-2025-20891 | Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR ... | | |
| CVE-2025-20892 | Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers... | | |
| CVE-2025-20893 | Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attacker... | | |
| CVE-2025-20894 | Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to acce... | | |
| CVE-2025-20895 | Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physi... | | |
| CVE-2025-20896 | Use of implicit intent for sensitive communication in EasySetup prior to version 11.1.18 allows loca... | | |
| CVE-2025-20897 | Improper access control in Secure Folder prior to version 1.9.20.50 in Android 14, 1.8.11.0 in Andro... | | |
| CVE-2025-20898 | Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to... | | |
| CVE-2025-20899 | Improper access control in PushNotification prior to version 13.0.00.15 in Android 12, 14.0.00.7 in ... | | |
| CVE-2025-20900 | Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attacke... | | |
| CVE-2025-20901 | Out-of-bounds read in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attacker... | | |
| CVE-2025-20902 | Improper access control in Media Controller prior to version 1.0.24.5282 allows local attacker to la... | | |
| CVE-2025-20903 | Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local atta... | | |
| CVE-2025-20904 | Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged att... | | |
| CVE-2025-20905 | Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privi... | | |
| CVE-2025-20906 | Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows... | | |
| CVE-2025-20907 | Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privilege... | | |
| CVE-2025-20908 | Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent atta... | | |
| CVE-2025-20909 | Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allow... | | |
| CVE-2025-20910 | Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local at... | | |
| CVE-2025-20911 | Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local ... | | |
| CVE-2025-20912 | Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers ... | | |
| CVE-2025-20913 | Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71... | | |
| CVE-2025-20914 | Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.... | | |
| CVE-2025-20915 | Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 a... | | |
| CVE-2025-20916 | Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows atta... | | |
| CVE-2025-20917 | Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 all... | | |
| CVE-2025-20918 | Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.7... | | |
| CVE-2025-20919 | Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 a... | | |
| CVE-2025-20920 | Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers ... | | |
| CVE-2025-20921 | Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 al... | | |
| CVE-2025-20922 | Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows at... | | |
| CVE-2025-20923 | Improper access control in Galaxy Wearable prior to version 2.2.61.24112961 allows local attackers t... | | |
| CVE-2025-20924 | Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to acc... | | |
| CVE-2025-20925 | Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allow... | | |
| CVE-2025-20926 | Improper export of Android application components in My Files prior to version 15.0.07.5 in Android ... | | |
| CVE-2025-20927 | Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local a... | | |
| CVE-2025-20928 | Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local a... | | |
| CVE-2025-20929 | Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local a... | | |
| CVE-2025-20930 | Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local at... | | |
| CVE-2025-20931 | Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local at... | | |
| CVE-2025-20932 | Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows lo... | | |
| CVE-2025-20933 | Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local att... | | |
| CVE-2025-20934 | Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to ... | | |
| CVE-2025-20935 | Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025... | | |
| CVE-2025-20936 | Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with... | | |
| CVE-2025-20937 | Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged at... | | |
| CVE-2025-20938 | Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to... | | |
| CVE-2025-20939 | Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1... | | |
| CVE-2025-20940 | Improper handling of insufficient permission in Samsung Device Health Manager Service prior to SMR A... | | |
| CVE-2025-20941 | Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access t... | | |
| CVE-2025-20942 | Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Relea... | | |
| CVE-2025-20943 | Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attack... | | |
| CVE-2025-20944 | Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows loca... | | |
| CVE-2025-20945 | Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to ac... | | |
| CVE-2025-20946 | Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bl... | | |
| CVE-2025-20947 | Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025... | | |
| CVE-2025-20948 | Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allo... | | |
| CVE-2025-20949 | Path traversal vulnerability in Samsung Members prior to version 5.0.00.11 allows attackers to read ... | | |
| CVE-2025-20950 | Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows... | | |
| CVE-2025-20951 | Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version... | | |
| CVE-2025-20952 | Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to acc... | | |
| CVE-2025-20953 | Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to ... | | |
| CVE-2025-20954 | Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 a... | | |
| CVE-2025-20955 | Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR M... | | |
| CVE-2025-20956 | Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 ... | | |
| CVE-2025-20957 | Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to ... | | |
| CVE-2025-20958 | Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 ... | | |
| CVE-2025-20959 | Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Releas... | | |
| CVE-2025-20960 | Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 a... | | |
| CVE-2025-20961 | Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025... | | |
| CVE-2025-20962 | Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 ... | | |
| CVE-2025-20963 | Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows ... | | |
| CVE-2025-20964 | Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows lo... | | |
| CVE-2025-20965 | Improper handling of insufficient permission in Bixby wakeup prior to version 2.3.74.8 allows local ... | | |
| CVE-2025-20966 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.... | | |
| CVE-2025-20967 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.... | | |
| CVE-2025-20968 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.... | | |
| CVE-2025-20969 | Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.0... | | |
| CVE-2025-20970 | Improper access control in Bixby Vision prior to version 3.8.1 in Android 13, 3.8.3 in Android 14, 3... | | |
| CVE-2025-20971 | Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access... | | |
| CVE-2025-20972 | Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allo... | | |
| CVE-2025-20973 | Improper authentication in Secure Folder prior to version 1.8.12.0 in Android 13, and 1.9.21.00 in A... | | |
| CVE-2025-20974 | Improper handling of insufficient permission in PackageInstallerCN prior to version 15.0.11.0 allows... | | |
| CVE-2025-20975 | Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows lo... | | |
| CVE-2025-20976 | Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 al... | | |
| CVE-2025-20977 | Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version ... | | |
| CVE-2025-20978 | Improper access control in PENUP prior to version 3.9.19.32 allows local attackers to access files w... | | |
| CVE-2025-20979 | Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary co... | | |
| CVE-2025-20980 | Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to cause memory corrupt... | | |
| CVE-2025-20981 | Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to ac... | | |
| CVE-2025-20982 | Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 all... | | |
| CVE-2025-20983 | Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 al... | | |
| CVE-2025-20984 | Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allow... | | |
| CVE-2025-20985 | Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privilege... | | |
| CVE-2025-20986 | Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows loc... | | |
| CVE-2025-20987 | Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privile... | | |
| CVE-2025-20988 | Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged a... | | |
| CVE-2025-20989 | Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged att... | | |
| CVE-2025-20991 | Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allow... | | |
| CVE-2025-20992 | Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local at... | | |
| CVE-2025-20993 | Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local ... | | |
| CVE-2025-20994 | Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on ... | | |
| CVE-2025-20995 | Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-... | | |
| CVE-2025-20996 | Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 al... | | |
| CVE-2025-20997 | Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows lo... | | |
| CVE-2025-20998 | Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows lo... | | |
| CVE-2025-20999 | Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Rel... | |