Export limit exceeded: 342290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342290 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58302 | 1 Huawei | 2 Emui, Harmonyos | 2025-12-02 | 8.4 High |
| Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-64315 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 4.4 Medium |
| Configuration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data confidentiality and integrity. | ||||
| CVE-2025-64314 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 9.3 Critical |
| Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2025-64313 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 5.3 Medium |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-64311 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 5.1 Medium |
| Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-58316 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 7.3 High |
| DoS vulnerability in the video-related system service module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58315 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 5.5 Medium |
| Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-58314 | 1 Huawei | 2 Emui, Harmonyos | 2025-12-02 | 6.6 Medium |
| Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2025-58312 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 5.1 Medium |
| Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58310 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 8 High |
| Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-58309 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 6.8 Medium |
| Permission control vulnerability in the startup recovery module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2025-58307 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 6.4 Medium |
| UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58303 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 8.4 High |
| UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-58294 | 1 Huawei | 1 Harmonyos | 2025-12-02 | 6.2 Medium |
| Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-8489 | 2 Kingaddons, Wordpress | 2 King Addons For Elementor, Wordpress | 2025-12-01 | 9.8 Critical |
| The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in versions 24.12.92 to 51.1.14 . This is due to the plugin not properly restricting the roles that users can register with. This makes it possible for unauthenticated attackers to register with administrator-level user accounts. | ||||
| CVE-2025-32989 | 2 Gnu, Redhat | 9 Gnutls, Ceph Storage, Discovery and 6 more | 2025-12-01 | 5.3 Medium |
| A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly. | ||||
| CVE-2025-49642 | 1 Zabbix | 1 Zabbix-agent | 2025-12-01 | N/A |
| Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory. | ||||
| CVE-2025-13296 | 1 T-soft | 1 E-commerce | 2025-12-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Tekrom Technology Inc. T-Soft E-Commerce allows Cross Site Request Forgery.This issue affects T-Soft E-Commerce: through 28112025. | ||||
| CVE-2025-50736 | 1 Byaidu | 1 Pdfmathtranslate | 2025-12-01 | 6.1 Medium |
| An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradio_api endpoint. This vulnerability could be exploited for phishing attacks or to bypass security filters. | ||||
| CVE-2025-48980 | 1 Brave | 3 Brave, Brave Browser, Browser | 2025-12-01 | N/A |
| In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method. | ||||