Trending now
Top 10 CVEs trending on social media within the last 24 hours.
Each entry lists the severity rating (CVSS), whether a public exploit is known, the current hype score (last 24 hours), the published date, a description, and the affected products.
1. CVE-2025-21042
   Severity: high 8.8
   Hype score: 50
   Published: Sep 12, 2025
   CVE-2025-21042 is an out-of-bounds write vulnerability found in Samsung's libimagecodec.quram.so library. This library is responsible for handling image parsing and decoding on Samsung Galaxy devices. The vulnerability is triggered when processing a specially crafted image file, leading to a write operation outside the allocated memory boundaries. Successful exploitation of this vulnerability allows remote attackers to execute arbitrary code on affected devices. This can be achieved through various channels such as email attachments, messaging apps, or web browsing, where the device processes an attacker-supplied image. A patch has been released in the SMR Apr-2025 Release 1 security update to address this vulnerability.
   Products: libimagecodec, Samsung

2. CVE-2025-48593
   Severity: not listed
   Hype score: 17
   Published: not listed
   CVE-2025-48593 is a critical zero-click vulnerability in the Android System component that manages essential device functions. It allows attackers to remotely execute malicious code without any user interaction or additional privileges. The vulnerability stems from insufficient validation of user input and affects Android versions 13 through 16. Successful exploitation of CVE-2025-48593 could give attackers full control over affected devices, potentially leading to data theft, ransomware deployment, or the use of compromised smartphones as nodes in botnet attacks. Google has released a security patch in the November 2025 Android Security Bulletin to address this vulnerability.
   Products: Android System

3. CVE-2025-59304
   Severity: critical 9.8
   Hype score: 15
   Published: Sep 17, 2025
   CVE-2025-59304 is a directory traversal vulnerability found in Swetrix Web Analytics API version 3.1.1 before commit 7d8b972. This vulnerability can be exploited by a remote attacker to achieve Remote Code Execution (RCE) through a crafted HTTP request. The vulnerability exists because the API fails to properly sanitize user-supplied input, allowing an attacker to traverse the directory structure of the server. By sending a specially crafted HTTP request, an attacker can access unauthorized files and potentially execute arbitrary code on the server.
   Products: Swetrix Web Analytics

4. CVE-2025-6218
   Severity: high 7.8
   Hype score: 15
   Published: Jun 21, 2025
   CVE-2025-6218 is a directory traversal remote code execution vulnerability that affects RARLAB WinRAR. It allows remote attackers to execute arbitrary code on affected installations. Exploitation of this vulnerability requires user interaction, as the target must visit a malicious page or open a malicious file. The vulnerability lies in how WinRAR handles file paths within archive files, where a specially crafted file path can cause the process to traverse to unintended directories. By leveraging this vulnerability, an attacker can execute code within the security context of the current user.
   Products: WinRAR

5. CVE-2025-24170
   Severity: high 7.8
   Hype score: 15
   Published: Mar 31, 2025
   CVE-2025-24170 refers to a logic issue that was resolved through improved file handling. The vulnerability affects macOS Ventura 13.7.5 and macOS Sonoma 14.7.5. Successful exploitation of this vulnerability could allow an application to gain root privileges.
   Products: macOS, Apple

6. CVE-2025-64459
   Severity: critical 9.1
   Hype score: 9
   Published: Nov 5, 2025
   CVE-2025-64459 is an SQL injection vulnerability affecting Django, a widely used Python web framework. The vulnerability resides in the `QuerySet` methods (`filter()`, `exclude()`, `get()`) and the `Q()` class. It occurs when a crafted dictionary with dictionary expansion is used as the `_connector` argument. Attackers can exploit this vulnerability by injecting malicious SQL commands through manipulating the `_connector` argument in `QuerySet` methods. This can lead to unauthorized database access, data manipulation, or exposure of sensitive information. Django versions 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8 are affected. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) might also be affected.
   Products: Django, Python

7. CVE-2025-64458
   Severity: high 7.5
   Hype score: 9
   Published: Nov 5, 2025
   CVE-2025-64458 affects Django's HTTP redirect handling on Windows systems. The vulnerability lies in the `HttpResponseRedirect` and `HttpResponsePermanentRedirect` functions. It is caused by slow NFKC normalization in Python on Windows. An attacker could exploit this by sending crafted URLs with excessive Unicode characters. This can cause Django's redirect functions to consume large amounts of CPU time, potentially leading to performance degradation or a denial of service. Django versions 5.2, 5.1, 4.2, and the beta version 6.0 are affected. Patches have been released in versions 5.2.8, 5.1.14, and 4.2.26.
   Products: Python, Django

8. CVE-2025-20362
   Severity: medium 6.5
   Exploit known: yes
   Hype score: 6
   Published: Sep 25, 2025
   CVE-2025-20362 is a vulnerability found in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. It could allow an unauthenticated, remote attacker to access restricted URL endpoints that should normally require authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit it by sending crafted HTTP requests to a targeted web server, potentially gaining access to restricted URLs without proper authentication. Cisco has released software updates to address this vulnerability.
   Products: Cisco ASA, Cisco FTD

9. CVE-2025-20333
   Severity: critical 9.9
   Exploit known: yes
   Hype score: 5
   Published: Sep 25, 2025
   CVE-2025-20333 is a vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. It stems from improper validation of user-supplied input in HTTP(S) requests. An authenticated, remote attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. Successful exploitation could allow the attacker to execute arbitrary code as root, potentially leading to complete compromise of the device. Cisco has released software updates to address this vulnerability.
   Products: Cisco ASA, Cisco FTD

10. CVE-2023-42824
   Severity: high 7.8
   Exploit known: yes
   Hype score: 2
   Published: Oct 4, 2023
   CVE-2023-42824 is a kernel vulnerability affecting iPhones and iPads that could allow a local attacker to elevate their privileges. Apple is aware of reports that this issue may have been actively exploited against versions of iOS before iOS 16.6. The vulnerability impacts iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later. It was addressed with improved checks in iOS 16.7.1 and iPadOS 16.7.1.
   Products: iOS, Apple