Total
1482 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-23105 | 1 Samsung | 6 Exynos 1480, Exynos 1480 Firmware, Exynos 2200 and 3 more | 2026-06-17 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-22849 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||
| CVE-2025-22447 | 2026-06-17 | N/A | 7.8 HIGH | ||
| Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command with LocalSystem privilege. | |||||
| CVE-2025-22425 | 1 Google | 1 Android | 2026-06-17 | N/A | 5.1 MEDIUM |
| In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2025-21532 | 1 Oracle | 1 Analytics Desktop | 2026-06-17 | N/A | 7.8 HIGH |
| Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to compromise Oracle Analytics Desktop. Successful attacks of this vulnerability can result in takeover of Oracle Analytics Desktop. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2025-21106 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2026-06-17 | N/A | 5.5 MEDIUM |
| Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system. | |||||
| CVE-2025-20984 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-06-17 | N/A | 6.8 MEDIUM |
| Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch. | |||||
| CVE-2025-20910 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-06-17 | N/A | 6.2 MEDIUM |
| Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery. | |||||
| CVE-2025-20095 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect Default Permissions for some Intel(R) RealSenseā¢ SDK software before version 2.56.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-20087 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect default permissions for some Intel(R) oneAPI DPC++/C++ Compiler software installers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-20023 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect default permissions for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-1789 | 1 Genetec | 1 Genetec Update Service | 2026-06-17 | N/A | 7.8 HIGH |
| Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system. | |||||
| CVE-2025-1699 | 2026-06-17 | N/A | 2.8 LOW | ||
| An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access. | |||||
| CVE-2025-15615 | 1 Wazuh | 1 Wazuh | 2026-06-17 | N/A | 5.8 MEDIUM |
| Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable. | |||||
| CVE-2025-15523 | 2026-06-17 | N/A | N/A | ||
| MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Inkscape, potentially disguising attacker's malicious intent. This issue has been fixed in 1.4.3 version of Inkscape. | |||||
| CVE-2025-15343 | 1 Tanium | 1 Enforce | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tanium addressed an incorrect default permissions vulnerability in Enforce. | |||||
| CVE-2025-15341 | 1 Tanium | 1 Benchmark | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tanium addressed an incorrect default permissions vulnerability in Benchmark. | |||||
| CVE-2025-15340 | 1 Tanium | 1 Comply | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tanium addressed an incorrect default permissions vulnerability in Comply. | |||||
| CVE-2025-15339 | 1 Tanium | 1 Discover | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tanium addressed an incorrect default permissions vulnerability in Discover. | |||||
| CVE-2025-15338 | 1 Tanium | 1 Partner Integration | 2026-06-17 | N/A | 6.5 MEDIUM |
| Tanium addressed an incorrect default permissions vulnerability in Partner Integration. | |||||