8663 matches found
CVE-2024-46507
A SSTI server side template injection vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server...
CVE-2026-50733 Markdown Preview Enhanced Arbitrary Code Execution via WaveDrom eval()
Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval, allowing arbitrary JavaScript execution. The flaw affects every render path - the live preview window.eval and presentation mode plus HTML export the bundled WaveDrom.ProcessAll/ev...
WordPress LearnPress – Backup & Migration Tool plugin <= 4.1.4 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read vulnerability
Authenticated Administrator+ Path Traversal to Arbitrary File Read vulnerability discovered by Wannes Verwimp in WordPress Plugin LearnPress Export Import versions = 4.1.4...
WordPress LearnPress – Backup & Migration Tool plugin <= 4.1.4 - Authenticated (Administrator+) PHP Object Injection vulnerability
Authenticated Administrator+ PHP Object Injection vulnerability discovered by Wannes Verwimp in WordPress Plugin LearnPress Export Import versions = 4.1.4...
CVE-2026-21034
Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration...
CVE-2026-21027
Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function...
CVE-2026-21026
Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information...
CVE-2026-21034
Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration...
CVE-2026-21034
Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration...
CVE-2026-21034
The CVE-2026-21034 issue affects Samsung Auto: improper export of Android components in Samsung Auto prior to version 3.1.2.61 on Android 15 and 3.2.0.38 on Android 16 allows a local attacker to change audio configurations. The connected sources confirm the affected product (Samsung Auto) and the...
EUVD-2026-34805
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21033
The CVE-2026-21033 entry concerns Samsung Assistant, specifically the ExpressHomeWidgetReceiver component. The flaw is described as an improper export of Android application components that, in versions prior to 9.3.14, can allow a local attacker to execute arbitrary scripts. The available docume...
EUVD-2026-34804
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
EUVD-2026-34801
Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations...
CVE-2026-21029
Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations...
EUVD-2026-34799
Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function...
CVE-2026-21027
Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function...
CVE-2026-21027
Technical details about CVE-2026-21027, including affected products, vulnerable components, root cause, and fixes, are not provided in the supplied documents. Monitor Samsung advisories and NVD for updates.