Export limit exceeded: 350441 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80548 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25631 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 8.8 High |
| In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type. | ||||
| CVE-2021-25630 | 1 Collaboraoffice | 1 Online | 2024-11-21 | 7.8 High |
| "loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user. Before doing anything else "loolforkit" checks, if it was invoked by the "lool" user, and refuses to run with privileges, if it's not the case. In the vulnerable version of "loolforkit" this check was wrong, so a normal user could start "loolforkit" and eventually get local root privileges. | ||||
| CVE-2021-25517 | 1 Google | 1 Android | 2024-11-21 | 7.7 High |
| An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution. | ||||
| CVE-2021-25502 | 1 Google | 1 Android | 2024-11-21 | 7.9 High |
| A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge. | ||||
| CVE-2021-25500 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 7.2 High |
| A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. | ||||
| CVE-2021-25499 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.1 High |
| Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store. | ||||
| CVE-2021-25498 | 1 Samsung | 1 Notes | 2024-11-21 | 7.3 High |
| A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | ||||
| CVE-2021-25497 | 1 Samsung | 1 Notes | 2024-11-21 | 7.3 High |
| A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | ||||
| CVE-2021-25496 | 1 Samsung | 1 Notes | 2024-11-21 | 7.3 High |
| A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | ||||
| CVE-2021-25495 | 1 Samsung | 1 Notes | 2024-11-21 | 7.3 High |
| A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | ||||
| CVE-2021-25492 | 1 Samsung | 1 Notes | 2024-11-21 | 7.3 High |
| Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. | ||||
| CVE-2021-25485 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. | ||||
| CVE-2021-25479 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 7.2 High |
| A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25478 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 7.2 High |
| A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 7.9 High |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | ||||
| CVE-2021-25442 | 1 Samsung | 1 Knox Cloud Services | 2024-11-21 | 7.5 High |
| Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication. | ||||
| CVE-2021-25441 | 2 Google, Samsung | 2 Android, Ar Emoji Editor | 2024-11-21 | 7.8 High |
| Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege. | ||||
| CVE-2021-25440 | 1 Samsung | 1 Factorycamerafb | 2024-11-21 | 7.8 High |
| Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege. | ||||
| CVE-2021-25438 | 2 Google, Samsung | 2 Android, Members | 2024-11-21 | 7.8 High |
| Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview. | ||||
| CVE-2021-25428 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances. | ||||