| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Authorization Bypass Through User-Controlled Key vulnerability in SecHard Information Technologies SecHard allows Parameter Injection.This issue affects SecHard: before 3.6.2-20250805. |
| Process residence vulnerability in abnormal scenarios in the print module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds data read vulnerability in the authorization module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of unauthorized access in the app lock module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Vulnerability of unauthorized access in the app lock module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Permission control vulnerability in the contacts module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Path traversal vulnerability in the DFS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| File read permission bypass vulnerability in the kernel file system module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of improper access permission in the process management module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to hijack and modify other users' quiz attempts by manipulating the chained_completion_id cookie value, allowing them to alter quiz answers, scores, and results of any user. The vulnerability was partially patched in versions 1.3.4 and 1.3.5. |
| Access permission verification vulnerability in the App Multiplier module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of improper access permission in the HDC module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission management vulnerability in the lock screen module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Arbitrary write vulnerability in the Gallery module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission verification vulnerability in the media library module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Access control vulnerability in the identity authentication module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of improper memory address protection in the HUKS module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| UAF vulnerability in the device node access module
Impact: Successful exploitation of this vulnerability may cause service exceptions of the device. |
