Fedora 42 : dotnet8.0 (2025-f74de9283d)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-f74de9283d advisory. This is the October 2025 release of .NET 8. Release Notes: - SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.21/8.0.121.md - Runtime:...

CVE-2025-21048

Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code...

CVE-2025-21050

Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles...

CVE-2025-21045

Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information...

CVE-2025-21047

Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs...

CVE-2025-21046

Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list...

CVE-2025-21055

Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory...

CVE-2025-21048

Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code...

CVE-2025-21048

CVE-2025-21048 describes a relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1, enabling local attackers to execute arbitrary code. Affected product: Knox Enterprise (Samsung). Root cause: traversal of unauthorized file paths in the software component handling input paths. ...

CVE-2025-21047

CVE-2025-21047 affects KnoxGuard. Multiple sources describe an improper access control flaw in KnoxGuard prior to SMR Oct-2025 Release 1 that could allow a physical attacker to use privileged APIs. Affected software is KnoxGuard with the vulnerability rooted in access control weaknesses enabling ...

CVE-2025-21045

Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information...

CVE-2025-21044

Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

PT-2025-41508

Name of the Vulnerable Software and Affected Versions KnoxGuard versions prior to SMR Oct-2025 Release 1 Description A flaw exists in access control within KnoxGuard that could allow attackers with physical access to utilize privileged APIs. This issue impacts systems where an attacker has the...

PT-2025-41505

Name of the Vulnerable Software and Affected Versions versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds write issue exists in the fingerprint trustlet. This allows a locally privileged attacker to write to memory outside of allocated boundaries. Recommendations Update to SMR...

PT-2025-41512

Name of the Vulnerable Software and Affected Versions libpadm.so versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds write issue exists in the JPEG decoding pre-processing within libpadm.so. This allows a local attacker to write to memory outside of allocated boundaries. The iss...

CVE-2024-34664

Improper check for exception conditions in Knox Guard prior to SMR Oct-2024 Release 1 allows physical attackers to bypass Knox Guard in a multi-user environment...

CVE-2022-39856

Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information...

CVE-2022-39854

Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...

PT-2024-33533

Name of the Vulnerable Software and Affected Versions Bootloader versions prior to SMR Oct-2024 Release 1 Description A failure in the protection mechanism of the bootloader allows physical attackers to reset the lockscreen failure count by injecting a hardware fault. This issue requires user...

CVE-2024-8589

creationtimestamp| type| source ---|---|--- 2024-10-29 23:58:57+00:00| seen| https://t.me/cvedetector/9373 2024-10-31 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1437/ 2025-02-06 02:40:18+00:00| seen| Telegram/cNDuyhlgSyyQ2PYdbARI8lTqkg15IuV6c1tjTiYh5KJxrGO...