| 2025-05-06 | CVE-2025-25218 | NULL Pointer Dereference vulnerability in Openatom Openharmony
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | 5.5 |
| 2025-05-06 | CVE-2025-27132 | Out-of-bounds Write vulnerability in Openatom Openharmony
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | 7.8 |
| 2025-05-06 | CVE-2025-27241 | NULL Pointer Dereference vulnerability in Openatom Openharmony
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | 5.5 |
| 2025-05-06 | CVE-2025-27248 | NULL Pointer Dereference vulnerability in Openatom Openharmony
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. | 5.5 |
| 2025-05-06 | CVE-2025-4341 | A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. network low complexity CWE-77 critical | 9.8 |
| 2025-05-06 | CVE-2025-4342 | Classic Buffer Overflow vulnerability in Dlink Dir-600L Firmware
A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. | 9.8 |
| 2025-05-06 | CVE-2025-4343 | Classic Buffer Overflow vulnerability in Dlink Dir-600L Firmware
A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. | 9.8 |
| 2025-05-06 | CVE-2024-58252 | Unspecified vulnerability in Huawei Harmonyos 5.0.0
Vulnerability of insufficient information protection in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2025-05-06 | CVE-2025-3020 | An low privileged remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into several fields of the configuration webpage with limited impact. | 5.4 |
| 2025-05-06 | CVE-2025-3281 | The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.1 via the create_stripe_subscription() function, due to missing validation on the 'member_id' user controlled key. | 5.3 |