Common Vulnerabilities and Exposures (CVE)
CVE-2025-66372
Mustang before 2.16.3 allows exfiltrating files via XXE attacks.
CVE-2025-13737
The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This mak...
CVE-2025-64312
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-58311
UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2025-58308
Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2025-58305
Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-58304
Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-58302
Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-58294
Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-64313
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-64311
Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-58315
Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-58314
Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2025-58312
Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-58310
Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.