|
Vulindex Security Brief — High & Critical CVEs
Curated, vendor‑grouped CVE insights with direct patch links
|
|
|
|
Your curated CVE brief — vendor‑grouped, High/Critical focus.
Total: 163
Groups: 23
High (7.0–8.9) and Critical (9.0+) prioritized.
|
|
Adobe
10
Apache
2
Apple
46
Cisco
14
Dell
1
Docker, Inc.
1
F5 Networks
3
Firebird
1
Fortinet
5
GitLab Inc.
3
Google
9
HashiCorp
2
IBM
2
Ivanti
4
JetBrains
4
Microsoft
25
Mozilla
7
NVIDIA
17
PostgreSQL Global Development Group
2
SAP
1
Trend Micro
2
WinRAR
1
Zoom Video Communications
1
|
|
Adobe :: Commerce
Adobe :: Experience Manager
Adobe :: Framemaker
|
|
CVE-2025-54253
2025-08-05 17:15 UTC
⛔ CRITICAL 10.0
|
Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.
|
|
CVE-2025-49557
2025-08-12 18:15 UTC
⚠ HIGH 8.7
|
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.
|
|
CVE-2025-54254
2025-08-05 17:15 UTC
⚠ HIGH 8.6
|
Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files on the local file system, scope is changed. Exploitation of this issue does not require user interaction.
|
|
CVE-2025-49555
2025-08-12 18:15 UTC
⚠ HIGH 8.1
|
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed.
|
|
CVE-2025-54230
2025-08-12 23:15 UTC
⚠ HIGH 7.8
|
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|
CVE-2025-54229
2025-08-12 23:15 UTC
HIGH 7.8
|
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|
CVE-2025-54231
2025-08-12 23:15 UTC
HIGH 7.8
|
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|
CVE-2025-54232
2025-08-12 23:15 UTC
HIGH 7.8
|
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|
CVE-2025-49554
2025-08-12 18:15 UTC
HIGH 7.5
|
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.
|
|
CVE-2025-49556
2025-08-12 18:15 UTC
HIGH 7.5
|
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged.
|
|
|
Apache :: bRPC
Apache :: Tomcat
|
|
CVE-2025-54472
2025-08-14 09:15 UTC
HIGH 7.5
|
Unlimited memory allocation in redis protocol parser in Apache bRPC (all versions < 1.14.1) on all platforms allows attackers to crash the service via network.
Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers read from the network. If the integer read from the network is too large, it may cause a bad alloc error and lead to the program crashing. Attackers can exploit this feature by sending special data packets to the bRPC service to carry out a denial-of-service attack on it.
The bRPC 1.14.0 version tried to fix this issue by limited the memory allocation size, however, the limitation checking code is not well implemented that may cause integer overflow and evade such limitation. So the 1.14.0 version is also vulnerable, although the integer range that affect version 1.14.0 is different from that affect version < 1.14.0.
Affected scenarios: Using bRPC as a Redis server to provide network services to untrusted clients, or using bRPC as a Redis client to call untrusted Redis services.
How to Fix: we provide two methods, you can choose one of them:
1. Upgrade bRPC to version 1.14.1.
2. Apply this patch ( https://github.com/apache/brpc/pull/3050 ) manually.
No matter you choose which method, you should note that the patch limits the maximum length of memory allocated for each time in the bRPC Redis parser. The default limit is 64M. If some of you redis request or response have a size larger than 64M, you might encounter error after upgrade. For such case, you can modify the gflag redis_max_allocation_size to set a larger limit.
|
|
CVE-2025-48989
2025-08-13 13:15 UTC
HIGH 7.5
|
Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.
Users are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.
|
|
|
Apple :: iOS
Apple :: iPadOS
Apple :: macOS
Apple :: Safari
Apple :: tvOS
Apple :: visionOS
Apple :: watchOS
|
|
CVE-2025-43192
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. Account-driven User Enrollment may still be possible with Lockdown Mode turned on.
|
|
CVE-2025-43222
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An attacker may be able to cause unexpected app termination.
|
|
CVE-2025-43233
2025-07-30 00:15 UTC
CRITICAL 9.8
|
This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app acting as a HTTPS proxy could get access to sensitive user data.
|
|
CVE-2025-43189
2025-07-30 00:15 UTC
CRITICAL 9.8
|
This issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to read kernel memory.
|
|
CVE-2025-43199
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app may be able to gain root privileges.
|
|
CVE-2025-43220
2025-07-30 00:15 UTC
CRITICAL 9.8
|
This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
|
|
CVE-2025-43245
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.
|
|
CVE-2025-43184
2025-07-30 00:15 UTC
CRITICAL 9.8
|
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.4. A shortcut may be able to bypass sensitive Shortcuts app settings.
|
|
CVE-2025-43253
2025-07-30 00:15 UTC
CRITICAL 9.8
|
This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch arbitrary binaries on a trusted device.
|
|
CVE-2025-43198
2025-07-30 00:15 UTC
CRITICAL 9.8
|
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data.
|
|
CVE-2025-43193
2025-07-30 00:15 UTC
CRITICAL 9.8
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to cause a denial-of-service.
|
|
CVE-2025-43194
2025-07-30 00:15 UTC
CRITICAL 9.8
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
|
|
CVE-2025-43237
2025-07-30 00:15 UTC
CRITICAL 9.8
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination.
|
|
CVE-2025-43275
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.
|
|
CVE-2025-43209
2025-07-30 00:15 UTC
CRITICAL 9.8
|
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, visionOS 2.6, macOS Ventura 13.7.7. Processing maliciously crafted web content may lead to an unexpected Safari crash.
|
|
CVE-2025-43232
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to bypass certain Privacy preferences.
|
|
CVE-2025-43261
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.
|
|
CVE-2025-43186
2025-07-30 00:15 UTC
CRITICAL 9.8
|
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6, macOS Ventura 13.7.7. Parsing a file may lead to an unexpected app termination.
|
|
CVE-2025-43234
2025-07-30 00:15 UTC
CRITICAL 9.8
|
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing a maliciously crafted texture may lead to unexpected app termination.
|
|
CVE-2025-43243
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to modify protected parts of the file system.
|
|
CVE-2025-43244
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.
|
|
CVE-2025-31279
2025-07-30 00:15 UTC
CRITICAL 9.8
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user.
|
|
CVE-2025-43273
2025-07-30 00:15 UTC
CRITICAL 9.1
|
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions.
|
|
CVE-2025-31281
2025-07-30 00:15 UTC
CRITICAL 9.1
|
An input validation issue was addressed with improved memory handling. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted file may lead to unexpected app termination.
|
|
CVE-2025-31229
2025-07-30 00:15 UTC
CRITICAL 9.1
|
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver.
|
|
CVE-2025-43300
2025-08-21 01:15 UTC
HIGH 8.8
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
|
|
CVE-2025-31277
2025-07-30 00:15 UTC
HIGH 8.8
|
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.
|
|
CVE-2025-31278
2025-07-30 00:15 UTC
HIGH 8.8
|
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.
|
|
CVE-2025-43270
2025-07-30 00:15 UTC
HIGH 8.8
|
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may gain unauthorized access to Local Network.
|
|
CVE-2025-31273
2025-07-30 00:15 UTC
HIGH 8.8
|
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to memory corruption.
|
|
CVE-2025-43249
2025-07-30 00:15 UTC
HIGH 7.8
|
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.
|
|
CVE-2025-31280
2025-07-30 00:15 UTC
HIGH 7.8
|
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption.
|
|
CVE-2025-43248
2025-07-30 00:15 UTC
HIGH 7.8
|
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges.
|
|
CVE-2025-43196
2025-07-30 00:15 UTC
HIGH 7.8
|
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.
|
|
CVE-2025-31243
2025-07-30 00:15 UTC
HIGH 7.8
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to gain root privileges.
|
|
CVE-2025-43256
2025-07-30 00:15 UTC
HIGH 7.8
|
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges.
|
|
CVE-2025-24119
2025-07-30 00:15 UTC
HIGH 7.8
|
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
|
|
CVE-2025-43277
2025-07-30 00:15 UTC
HIGH 7.8
|
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted audio file may lead to memory corruption.
|
|
CVE-2025-43188
2025-07-30 00:15 UTC
HIGH 7.8
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.
|
|
CVE-2025-24224
2025-07-30 00:15 UTC
HIGH 7.5
|
The issue was addressed with improved checks. This issue is fixed in tvOS 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.9, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5, macOS Ventura 13.7.7. A remote attacker may be able to cause unexpected system termination.
|
|
CVE-2025-43223
2025-07-30 00:15 UTC
HIGH 7.5
|
A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. A non-privileged user may be able to modify restricted network settings.
|
|
CVE-2025-43227
2025-07-30 00:15 UTC
HIGH 7.5
|
This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information.
|
|
CVE-2025-43221
2025-07-30 00:15 UTC
HIGH 7.1
|
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, visionOS 2.6, tvOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
|
|
CVE-2025-43254
2025-07-30 00:15 UTC
HIGH 7.1
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. Processing a maliciously crafted file may lead to unexpected app termination.
|
|
CVE-2025-43239
2025-07-30 00:15 UTC
HIGH 7.1
|
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a maliciously crafted file may lead to unexpected app termination.
|
|
CVE-2025-43224
2025-07-30 00:15 UTC
HIGH 7.1
|
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
|
|
|
Cisco :: Cisco IOS
Cisco :: Cisco Secure Firewall ASA
Cisco :: Cisco Secure Firewall Management Center
Cisco :: Cisco Secure Firewall Threat Defense
|
|
CVE-2025-20265
2025-08-14 17:15 UTC
CRITICAL 10.0
|
A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.
This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level.
Note: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.
|
|
CVE-2025-20134
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the certificate processing of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper parsing of SSL/TLS certificates. An attacker could exploit this vulnerability by sending crafted DNS packets that match a static Network Address Translation (NAT) rule with DNS inspection enabled through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
|
|
CVE-2025-20222
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the RADIUS proxy feature for the IPsec VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
This vulnerability is due to improper processing of IPv6 packets. An attacker could exploit this vulnerability by sending IPv6 packets over an IPsec VPN connection to an affected device. A successful exploit could allow the attacker to trigger a reload of the device, resulting in a DoS condition.
|
|
CVE-2025-20253
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA Software, and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a DoS condition.
This vulnerability is due to the improper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause an infinite loop that exhausts resources and could cause the device to reload.
|
|
CVE-2025-20133
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition.
This vulnerability is due to ineffective validation of user-supplied input during the Remote Access SSL VPN authentication process. An attacker could exploit this vulnerability by sending a crafted request to the VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition where the device stops responding to Remote Access SSL VPN authentication requests.
|
|
CVE-2025-20263
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system.
This vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could cause the system to reload, resulting in a denial of service (DoS) condition.
|
|
CVE-2025-20136
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation (NAT) DNS inspection for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to an infinite loop condition that occurs when a Cisco Secure ASA or Cisco Secure FTD device processes DNS packets with DNS inspection enabled and the device is configured for NAT44, NAT64, or NAT46. An attacker could exploit this vulnerability by sending crafted DNS packets that match a static NAT rule with DNS inspection enabled through an affected device. A successful exploit could allow the attacker to create an infinite loop and cause the device to reload, resulting in a DoS condition.
|
|
CVE-2025-20239
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.
This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.
|
|
CVE-2025-20243
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
This vulnerability is due to improper validation of user-supplied input on an interface with VPN web services. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on an affected device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.
|
|
CVE-2025-20217
2025-08-14 17:15 UTC
HIGH 8.6
|
A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to incorrect processing of traffic that is inspected by an affected device. An attacker could exploit this vulnerability by sending crafted traffic through the affected device. A successful exploit could allow the attacker to cause the affected device to enter an infinite loop while inspecting traffic, resulting in a DoS condition. The system watchdog will restart the Snort process automatically.
|
|
CVE-2025-20251
2025-08-14 17:15 UTC
HIGH 8.5
|
A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. If critical system files are manipulated, new Remote Access SSL VPN sessions could be denied and existing sessions could be dropped, causing a denial of service (DoS) condition. An exploited device requires a manual reboot to recover.
This vulnerability is due to insufficient input validation when processing HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to create or delete files on the underlying operating system, which could cause the Remote Access SSL VPN service to become unresponsive.
To exploit this vulnerability, the attacker must be authenticated as a VPN user of the affected device.
|
|
CVE-2025-20148
2025-08-14 17:15 UTC
HIGH 8.5
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document.
This vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, read arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Security Analyst (Read Only).
|
|
CVE-2025-20127
2025-08-14 17:15 UTC
HIGH 7.7
|
A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume resources that are associated with incoming TLS 1.3 connections, which eventually could cause the device to stop accepting any new SSL/TLS or VPN requests.
This vulnerability is due to the implementation of the TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. An attacker could exploit this vulnerability by sending a large number of TLS 1.3 connections with the specific TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. A successful exploit could allow the attacker to cause a denial of service (DoS) condition where no new incoming encrypted connections are accepted. The device must be reloaded to clear this condition.
Note: These incoming TLS 1.3 connections include both data traffic and user-management traffic. After the device is in the vulnerable state, no new encrypted connections can be accepted.
|
|
CVE-2025-20244
2025-08-14 17:15 UTC
HIGH 7.7
|
A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker that is authenticated as a VPN user to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to incomplete error checking when parsing an HTTP header field value. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted Remote Access SSL VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition, which would cause the affected device to reload.
|
|
|
Dell :: Dell SupportAssist
|
|
CVE-2025-38747
2025-08-06 20:15 UTC
HIGH 7.8
|
Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges.
|
|
|
Docker, Inc. :: Docker Desktop
|
|
CVE-2025-9074
2025-08-20 14:15 UTC
CRITICAL 9.3
|
A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled.
This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.
|
|
|
F5 Networks :: Access Policy Manager
F5 Networks :: BIG-IP
F5 Networks :: F5 Access for Android
F5 Networks :: Local Traffic Manager
|
|
CVE-2025-52585
2025-08-13 15:15 UTC
HIGH 7.5
|
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|
CVE-2025-46405
2025-08-13 15:15 UTC
HIGH 7.5
|
When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|
CVE-2025-54809
2025-08-13 15:15 UTC
HIGH 7.4
|
F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|
|
CVE-2025-24975
2025-08-15 15:15 UTC
HIGH 7.1
|
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when created versus what is available could result in a segfault in the server process. Encrypted databases, accessed by execute statement on external, may be accessed later by an attachment missing a key to that database. In a case when execute statement are chained, segfault may happen. Additionally, the segfault may affect unencrypted databases. This issue has been patched in snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609 and point releases 4.0.6 and 5.0.2. A workaround for this issue involves setting ExtConnPoolSize equal to 0 in firebird.conf.
|
|
|
Fortinet :: Fortinet FortiADC
Fortinet :: Fortinet FortiOS / FortiGate
Fortinet :: Fortinet FortiProxy
Fortinet :: Fortinet FortiSIEM
Fortinet :: Fortinet FortiWeb
|
|
CVE-2025-25256
2025-08-12 19:15 UTC
CRITICAL 9.8
|
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.
|
|
CVE-2024-26009
2025-08-12 19:15 UTC
HIGH 8.1
|
An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number.
|
|
CVE-2025-52970
2025-08-12 19:15 UTC
HIGH 8.1
|
A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges on the device via a specially crafted request.
|
|
CVE-2025-49813
2025-08-12 19:15 UTC
HIGH 7.2
|
An improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a remote and authenticated attacker with low privilege to execute unauthorized code via specifically crafted HTTP parameters.
|
|
CVE-2025-53744
2025-08-12 19:15 UTC
HIGH 7.2
|
An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via registering the device to a malicious FortiManager.
|
|
|
CVE-2025-6186
2025-08-13 18:15 UTC
HIGH 8.7
|
An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names.
|
|
CVE-2025-7734
2025-08-13 18:15 UTC
HIGH 8.7
|
An issue has been discovered in GitLab CE/EE affecting all versions from 14.2 before 18.0.6, 18.1 before 18.1.4 and 18.2 before 18.2.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content.
|
|
CVE-2025-7739
2025-08-13 18:15 UTC
HIGH 8.7
|
An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under certain conditions, could have allowed authenticated users to achieve stored cross-site scripting by injecting malicious HTML content in scoped label descriptions.
|
|
|
CVE-2025-4609
2025-08-22 21:15 UTC
CRITICAL 9.6
|
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
|
|
CVE-2025-8578
2025-08-07 02:15 UTC
HIGH 8.8
|
Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
|
|
CVE-2025-8901
2025-08-13 03:15 UTC
HIGH 8.8
|
Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
|
|
CVE-2025-8576
2025-08-07 02:15 UTC
HIGH 8.8
|
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
|
|
CVE-2025-8292
2025-07-30 02:17 UTC
HIGH 8.8
|
Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|
CVE-2025-8879
2025-08-13 03:15 UTC
HIGH 8.8
|
Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High)
|
|
CVE-2025-8880
2025-08-13 03:15 UTC
HIGH 8.8
|
Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
|
CVE-2025-8882
2025-08-13 03:15 UTC
HIGH 8.8
|
Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
|
|
CVE-2025-9132
2025-08-20 01:15 UTC
HIGH 8.8
|
Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|
|
CVE-2025-6000
2025-08-01 18:15 UTC
CRITICAL 9.1
|
A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
|
|
CVE-2025-5999
2025-08-01 18:15 UTC
HIGH 7.2
|
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22.
|
|
|
IBM :: DB2 Database
IBM :: QRadar
|
|
CVE-2025-33092
2025-07-29 19:15 UTC
HIGH 7.8
|
IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2
is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system.
|
|
CVE-2025-33120
2025-08-22 15:15 UTC
HIGH 7.8
|
IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.
|
|
|
Ivanti :: Ivanti Avalanche
Ivanti :: Ivanti Connect Secure
Ivanti :: Ivanti Policy Secure
|
|
CVE-2025-5456
2025-08-12 15:15 UTC
HIGH 7.5
|
A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service. CWE-125
|
|
CVE-2025-5462
2025-08-12 15:15 UTC
HIGH 7.5
|
A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service.
|
|
CVE-2025-8296
2025-08-12 15:15 UTC
HIGH 7.2
|
SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions, this can also lead to remote code execution
|
|
CVE-2025-8297
2025-08-12 15:15 UTC
HIGH 7.2
|
Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to achieve remote code execution
|
|
|
JetBrains :: TeamCity
JetBrains :: YouTrack
|
|
CVE-2025-57731
2025-08-20 10:15 UTC
HIGH 8.7
|
In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
|
|
CVE-2025-54531
2025-07-28 17:15 UTC
HIGH 7.7
|
In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows
|
|
CVE-2025-57732
2025-08-20 10:15 UTC
HIGH 7.5
|
In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
|
|
CVE-2025-54530
2025-07-28 17:15 UTC
HIGH 7.5
|
In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions
|
|
|
Microsoft :: Exchange Server
Microsoft :: Hyper-V
Microsoft :: Office
Microsoft :: SharePoint
Microsoft :: SharePoint Server
Microsoft :: SQL Server
Microsoft :: Teams
Microsoft :: Visual Studio
Microsoft :: Windows / OS
|
|
CVE-2025-47954
2025-08-12 18:15 UTC
HIGH 8.8
|
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
|
|
CVE-2025-49759
2025-08-12 18:15 UTC
HIGH 8.8
|
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
|
|
CVE-2025-49758
2025-08-12 18:15 UTC
HIGH 8.8
|
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
|
|
CVE-2025-24999
2025-08-12 18:15 UTC
HIGH 8.8
|
Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.
|
|
CVE-2025-53727
2025-08-12 18:15 UTC
HIGH 8.8
|
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
|
|
CVE-2025-49712
2025-08-12 18:15 UTC
HIGH 8.8
|
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
|
|
CVE-2025-53740
2025-08-12 18:15 UTC
HIGH 8.4
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
|
CVE-2025-53731
2025-08-12 18:15 UTC
HIGH 8.4
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
|
CVE-2025-53786
2025-08-06 16:15 UTC
HIGH 8.0
|
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identified specific security implications tied to the guidance and configuration steps outlined in the April announcement. Microsoft is issuing CVE-2025-53786 to document a vulnerability that is addressed by taking the steps documented with the April 18th announcement. Microsoft strongly recommends reading the information, installing the April 2025 (or later) Hot Fix and implementing the changes in your Exchange Server and hybrid environment.
|
|
CVE-2025-53732
2025-08-12 18:15 UTC
HIGH 7.8
|
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
|
|
CVE-2025-53151
2025-08-12 18:15 UTC
HIGH 7.8
|
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-53723
2025-08-12 18:15 UTC
HIGH 7.8
|
Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-53789
2025-08-12 18:15 UTC
HIGH 7.8
|
Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-53154
2025-08-12 18:15 UTC
HIGH 7.8
|
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-53155
2025-08-12 18:15 UTC
HIGH 7.8
|
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-53773
2025-08-12 18:15 UTC
HIGH 7.8
|
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
|
|
CVE-2025-49761
2025-08-12 18:15 UTC
HIGH 7.8
|
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-53141
2025-08-12 18:15 UTC
HIGH 7.8
|
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-50168
2025-08-12 18:15 UTC
HIGH 7.8
|
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-33051
2025-08-12 18:15 UTC
HIGH 7.5
|
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
|
|
CVE-2025-53783
2025-08-12 18:15 UTC
HIGH 7.5
|
Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.
|
|
CVE-2025-53760
2025-08-12 18:15 UTC
HIGH 7.1
|
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
|
|
CVE-2025-50167
2025-08-12 18:15 UTC
HIGH 7.0
|
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
|
|
CVE-2025-9491
2025-08-26 17:15 UTC
HIGH 7.0
|
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of .LNK files. Crafted data in an .LNK file can cause hazardous content in the file to be invisible to a user who inspects the file via the Windows-provided user interface. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25373.
|
|
CVE-2025-53721
2025-08-12 18:15 UTC
HIGH 7.0
|
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
|
|
|
Mozilla :: Firefox
Mozilla :: Firefox ESR
Mozilla :: Thunderbird
|
|
CVE-2025-9187
2025-08-19 21:15 UTC
CRITICAL 9.8
|
Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142 and Thunderbird < 142.
|
|
CVE-2025-8042
2025-08-19 21:15 UTC
CRITICAL 9.8
|
Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox < 141.
|
|
CVE-2025-9179
2025-08-19 21:15 UTC
CRITICAL 9.8
|
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
|
|
CVE-2025-9184
2025-08-19 21:15 UTC
HIGH 8.1
|
Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.
|
|
CVE-2025-9185
2025-08-19 21:15 UTC
HIGH 8.1
|
Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
|
|
CVE-2025-9180
2025-08-19 21:15 UTC
HIGH 8.1
|
'Same-origin policy bypass in the Graphics: Canvas2D component.' This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
|
|
CVE-2025-9182
2025-08-19 21:15 UTC
HIGH 7.5
|
'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.
|
|
|
NVIDIA :: NVIDIA GPU Drivers
NVIDIA :: NVIDIA Triton Inference Server
|
|
CVE-2025-23311
2025-08-06 13:15 UTC
CRITICAL 9.8
|
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, or data tampering.
|
|
CVE-2025-23310
2025-08-06 13:15 UTC
CRITICAL 9.8
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.
|
|
CVE-2025-23317
2025-08-06 13:15 UTC
CRITICAL 9.1
|
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
|
|
CVE-2025-23318
2025-08-06 13:15 UTC
HIGH 8.1
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure.
|
|
CVE-2025-23319
2025-08-06 13:15 UTC
HIGH 8.1
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
|
|
CVE-2025-23331
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
|
|
CVE-2025-23322
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service.
|
|
CVE-2025-23323
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
|
|
CVE-2025-23321
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
|
|
CVE-2025-23324
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
|
|
CVE-2025-23325
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.
|
|
CVE-2025-23326
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.
|
|
CVE-2025-23327
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted inputs. A successful exploit of this vulnerability might lead to denial of service and data tampering.
|
|
CVE-2025-23320
2025-08-06 13:15 UTC
HIGH 7.5
|
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information disclosure.
|
|
CVE-2025-23277
2025-08-02 22:15 UTC
HIGH 7.3
|
NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or information disclosure.
|
|
CVE-2025-23278
2025-08-02 22:15 UTC
HIGH 7.1
|
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tampering or denial of service.
|
|
CVE-2025-23281
2025-08-02 22:15 UTC
HIGH 7.0
|
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
|
|
| PostgreSQL Global Development Group |
2 CVEs
|
|
PostgreSQL Global Development Group :: PostgreSQL
|
|
CVE-2025-8714
2025-08-14 13:15 UTC
HIGH 8.8
|
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
|
|
CVE-2025-8715
2025-08-14 13:15 UTC
HIGH 8.8
|
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.
|
|
|
CVE-2025-42957
2025-08-12 03:15 UTC
CRITICAL 9.9
|
SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.
|
|
|
Trend Micro :: Trend Micro Apex One
|
|
CVE-2025-54987
2025-08-05 13:15 UTC
CRITICAL 9.4
|
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.
|
|
CVE-2025-54948
2025-08-05 13:15 UTC
CRITICAL 9.4
|
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
|
|
|
CVE-2025-8088
2025-08-08 12:15 UTC
HIGH 8.8
|
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
from ESET.
|
|
| Zoom Video Communications |
1 CVE
|
|
Zoom Video Communications :: Zoom
|
|
CVE-2025-49457
2025-08-12 23:15 UTC
CRITICAL 9.6
|
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access
|
|
|
|
|
You received this email because you're subscribed to automated CVE alerts.
|
|