{"vulnerability": "cve-2025-2096", "sightings": [{"uuid": "a60ebfe7-9d81-43ce-a6d6-12c50c9738fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20960", "type": "seen", "source": "https://t.me/cvedetector/24705", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20960 - CocktailBarService Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20960 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:27.000000Z"}, {"uuid": "290a6143-fca3-45cf-b3e2-daa9702dbbe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2096", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "2b3b0619-5e22-43f7-98ac-5d483dde0682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2096", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:35.000000Z"}, {"uuid": "14112e42-d4ab-4278-93ee-4dba913f82f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20969", "type": "seen", "source": "https://t.me/cvedetector/24697", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20969 - Samsung Gallery Input Validation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20969 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:15.000000Z"}, {"uuid": "971a8a9d-5022-49dd-93fa-5221da331717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20969", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15346", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20969\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.\n\ud83d\udccf Published: 2025-05-07T08:24:24.722Z\n\ud83d\udccf Modified: 2025-05-07T15:51:19.190Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05", "creation_timestamp": "2025-05-07T16:23:24.000000Z"}, {"uuid": "1b8f4f18-b6f2-4c74-9d6d-c3b61b222b16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2096", "type": "seen", "source": "Telegram/uP9raKmA-xCj1cxEC9WFGeVBEt2gFw56iFFhck5AbJe5SBMc", "content": "", "creation_timestamp": "2025-03-08T04:36:11.000000Z"}, {"uuid": "6fc34ca5-0179-4bb6-9b13-d18afd7347f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20962", "type": "seen", "source": "https://t.me/cvedetector/24706", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20962 - Samsung S Pen Gesture Service Position Tracking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20962 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:28.000000Z"}, {"uuid": "8ac4cd9f-fc1c-401f-8c38-bb7eafdd207a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20963", "type": "seen", "source": "https://t.me/cvedetector/24707", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20963 - Symantec Antivirus Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-20963 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:29.000000Z"}, {"uuid": "5ddd0ee1-5e7d-4b9d-ab2e-9b2f8e9f7941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20961", "type": "seen", "source": "https://t.me/cvedetector/24704", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20961 - Sepunion Service Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20961 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:26.000000Z"}, {"uuid": "69538346-eea1-4276-8d4d-445d0ecaf088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20968", "type": "seen", "source": "https://t.me/cvedetector/24696", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20968 - Samsung Gallery Unauthenticated Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-20968 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:13.000000Z"}, {"uuid": "2b4d3e23-5ca5-4636-98b0-64efeacfe3f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20967", "type": "seen", "source": "https://t.me/cvedetector/24702", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20967 - Samsung Gallery File Access Vulnerability (Privilege Escalation)\", \n  \"Content\": \"CVE ID : CVE-2025-20967 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:22.000000Z"}, {"uuid": "06624aeb-8edd-4177-9522-a9bf4c6ee6e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2096", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljthjruvly2l", "content": "", "creation_timestamp": "2025-03-08T02:19:51.060707Z"}, {"uuid": "e1e60cf0-ded9-4a75-87f7-fbbb3e37a510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20963", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lqovx6sb5m22", "content": "", "creation_timestamp": "2025-06-03T08:50:52.825385Z"}, {"uuid": "72bf5b5c-ead4-4764-b6fd-0d683e8e071f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20964", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lqovx6sb5m22", "content": "", "creation_timestamp": "2025-06-03T08:50:52.980172Z"}, {"uuid": "0f2e0094-197d-45ee-bf8b-bef14c202656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2096", "type": "seen", "source": "https://t.me/cvedetector/19860", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2096 - TOTOLINK EX1800T OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2096 \nPublished : March 7, 2025, 10:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mode/week/minute/recHour leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-08T00:58:40.000000Z"}, {"uuid": "e40eab0c-a8bf-4f0f-926a-c5d41cf6a5cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2096", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6896", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2096\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mode/week/minute/recHour leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-07T22:00:16.475Z\n\ud83d\udccf Modified: 2025-03-07T22:28:45.665Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.298954\n2. https://vuldb.com/?ctiid.298954\n3. https://vuldb.com/?submit.515322\n4. https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/OS%20Command%20Injection%2004%20setRebootScheCfg-_mode.md\n5. https://www.totolink.net/", "creation_timestamp": "2025-03-07T22:35:45.000000Z"}, {"uuid": "06b5a517-811d-46e4-a155-90a5c5fa9af8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20964", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16203", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20964\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L)\n\ud83d\udd39 Description: Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.\n\ud83d\udccf Published: 2025-05-07T08:24:18.521Z\n\ud83d\udccf Modified: 2025-05-13T19:16:41.604Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05", "creation_timestamp": "2025-05-13T19:30:58.000000Z"}]}