Common Vulnerabilities and Exposures (CVEs)

CVE ID : CVE-2025-4224

Published : June 3, 2025, 3:15 a.m. | 4 hours, 12 minutes ago

Description : The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4797

Published : June 3, 2025, 5:15 a.m. | 29 minutes ago

Description : The Golo – City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user’s identity prior to setting an authorization cookie. This makes it possible for unauthenticated attackers to log in as any user, including administrators, provided they know the user’s email address.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53010

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption may occur while attaching VM when the HLOS retains access to VM.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53013

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption may occur while processing voice call registration with user.

Severity: 6.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53015

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption while processing IOCTL command to handle buffers associated with a session.

Severity: 6.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53016

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption while processing I2C settings in Camera driver.

Severity: 6.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53017

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption while handling test pattern generator IOCTL command.

Severity: 6.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53018

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption may occur while processing the OIS packet parser.

Severity: 6.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53020

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Information disclosure may occur while decoding the RTP packet with invalid header extension from network.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-21463

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Transient DOS while processing the EHT operation IE in the received beacon frame.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53021

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Information disclosure may occur while processing goodbye RTCP packet from network.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53026

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-53019

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-21480

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-21485

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-21486

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-27029

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-27031

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-31710

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-27038

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…