Total
32012 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47182 | 1 Microsoft | 1 Edge Chromium | 2025-07-17 | N/A | 5.6 MEDIUM |
| Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally. | |||||
| CVE-2024-20867 | 1 Samsung | 1 Email | 2025-07-17 | N/A | 5.5 MEDIUM |
| Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information. | |||||
| CVE-2024-20868 | 1 Samsung | 1 Notes | 2025-07-17 | N/A | 4.4 MEDIUM |
| Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions. | |||||
| CVE-2025-20898 | 1 Samsung | 1 Members | 2025-07-17 | N/A | 4.6 MEDIUM |
| Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to access data across multiple user profiles. | |||||
| CVE-2025-20894 | 1 Samsung | 1 Email | 2025-07-17 | N/A | 4.6 MEDIUM |
| Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles. | |||||
| CVE-2025-2942 | 1 Tychesoftwares | 1 Order Delivery Date For Woocommerce | 2025-07-17 | N/A | 4.3 MEDIUM |
| The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title (such as from draft and private posts) via an unauthenticated AJAX action, allowing attackers to retrieve such information | |||||
| CVE-2025-21002 | 1 Samsung | 1 Android | 2025-07-16 | N/A | 6.2 MEDIUM |
| Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast. | |||||
| CVE-2025-20971 | 1 Samsung | 1 Flow | 2025-07-16 | N/A | 5.5 MEDIUM |
| Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow. | |||||
| CVE-2024-42646 | 1 Emqx | 1 Nanomq | 2025-07-16 | N/A | 7.5 HIGH |
| A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages. | |||||
| CVE-2025-20924 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 4.6 MEDIUM |
| Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles. | |||||
| CVE-2024-0909 | 1 Cayenne | 1 Anonymous Restricted Content | 2025-07-16 | N/A | 5.3 MEDIUM |
| The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. This is due to insufficient restrictions through the REST API on the posts/pages that protections are being place on. This makes it possible for unauthenticated attackers to access protected content. | |||||
| CVE-2021-26700 | 1 Microsoft | 1 Npm | 2025-07-16 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code npm-script Extension Remote Code Execution Vulnerability | |||||
| CVE-2018-8327 | 1 Microsoft | 2 Powershell, Powershell Editor Services | 2025-07-16 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension. | |||||
| CVE-2025-31672 | 2 Apache, Netapp | 2 Poi, Active Iq Unified Manager | 2025-07-15 | N/A | 5.3 MEDIUM |
| Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names (including the path) in the zip. In this case, products reading the affected file could read different data because 1 of the zip entries with the duplicate name is selected over another but different products may choose a different zip entry. This issue affects Apache POI poi-ooxml before 5.4.0. poi-ooxml 5.4.0 has a check that throws an exception if zip entries with duplicate file names are found in the input file. Users are recommended to upgrade to version poi-ooxml 5.4.0, which fixes the issue. Please read https://poi.apache.org/security.html for recommendations about how to use the POI libraries securely. | |||||
| CVE-2024-49050 | 1 Microsoft | 1 Python | 2025-07-15 | N/A | 8.8 HIGH |
| Visual Studio Code Python Extension Remote Code Execution Vulnerability | |||||
| CVE-2020-17163 | 1 Microsoft | 1 Python | 2025-07-15 | N/A | 7.8 HIGH |
| Visual Studio Code Python Extension Remote Code Execution Vulnerability | |||||
| CVE-2025-43559 | 1 Adobe | 1 Coldfusion | 2025-07-15 | N/A | 9.1 CRITICAL |
| ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed. | |||||
| CVE-2025-43563 | 1 Adobe | 1 Coldfusion | 2025-07-15 | N/A | 9.1 CRITICAL |
| ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this issue does not require user interaction, and scope is changed. | |||||
| CVE-2025-30281 | 1 Adobe | 1 Coldfusion | 2025-07-15 | N/A | 9.1 CRITICAL |
| ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this issue does not require user interaction, and scope is changed. | |||||
| CVE-2025-3067 | 1 Google | 2 Android, Chrome | 2025-07-15 | N/A | 8.8 HIGH |
| Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium) | |||||