Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54644 | 2025-08-06 | N/A | N/A | ||
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-55020 | 2025-08-06 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-55021 | 2025-08-06 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-54643 | 2025-08-06 | N/A | N/A | ||
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-7399 | 2025-08-06 | N/A | 6.4 MEDIUM | ||
| The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor display setting in all versions up to, and including, 28.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2025-54640 | 2025-08-06 | N/A | N/A | ||
| ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions. | |||||
| CVE-2025-54632 | 2025-08-06 | N/A | N/A | ||
| Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity. | |||||
| CVE-2025-8420 | 2025-08-06 | N/A | 8.1 HIGH | ||
| The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version less than, or equal to, 2.5.2 via the emd_form_builder_lite_pagenum function. This is due to the plugin not properly validating user input before using it as a function name. This makes it possible for unauthenticated attackers to execute code on the server, however, parameters can not be passed to the functions called. | |||||
| CVE-2025-54624 | 2025-08-06 | N/A | N/A | ||
| Unexpected injection event vulnerability in the multimodalinput module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-54627 | 2025-08-06 | N/A | N/A | ||
| Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-54626 | 2025-08-06 | N/A | N/A | ||
| Pointer dangling vulnerability in the cjwindow module. Impact: Successful exploitation of this vulnerability may affect function stability. | |||||
| CVE-2025-54631 | 2025-08-06 | N/A | N/A | ||
| Vulnerability of insufficient data length verification in the partition module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-54630 | 2025-08-06 | N/A | N/A | ||
| :Vulnerability of insufficient data length verification in the DFA module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-54625 | 2025-08-06 | N/A | N/A | ||
| Race condition vulnerability in the kernel file system module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-8595 | 2025-08-06 | N/A | 4.3 MEDIUM | ||
| The Zakra theme for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the welcome_notice_import_handler() function in all versions up to, and including, 4.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo settings. | |||||
| CVE-2025-54629 | 2025-08-06 | N/A | N/A | ||
| Race condition issue occurring in the physical page import process of the memory management module. Impact: Successful exploitation of this vulnerability may affect service integrity. | |||||
| CVE-2025-54628 | 2025-08-06 | N/A | N/A | ||
| Vulnerability of incomplete verification information in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-54620 | 2025-08-06 | N/A | N/A | ||
| Deserialization vulnerability of untrusted data in the ability module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-54606 | 2025-08-06 | N/A | N/A | ||
| Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | |||||
| CVE-2025-54618 | 2025-08-06 | N/A | N/A | ||
| Permission control vulnerability in the distributed clipboard module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||