CVE-2025-30259

LOW Year: 2025
CVSS v3 Score
3.5
Low
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated with BIGPRETZEL.

Related Vulnerabilities

CVE-2016-3531

LOW
CVSS:3.5(Low)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to PC ...

NVD-CWE-Other2016

CVE-2017-10014

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RESTAPI). The supported version that is affected is 1.1. Easily exploitable vuln...

NVD-CWE-Other2017

CVE-2017-10308

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Performance). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerab...

NVD-CWE-Other2017

CVE-2017-3235

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2...

NVD-CWE-Other2017

CVE-2019-18179

LOW
CVSS:3.5(Low)

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent ...

NVD-CWE-Other2019

CVE-2019-2547

LOW
CVSS:3.5(Low)

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged ...

NVD-CWE-Other2019