Latest CVE Feed
-
7.8
HIGHCVE-2025-47368
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47367
Memory corruption while accessing a buffer during IOCTL processing.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-43407
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1, tvOS 26.1. An app may be able to break out of its sandbox.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-20733
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00441509; ... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-55694
Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_23h2 windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_2h2- Published: Oct. 14, 2025
- Modified: Oct. 30, 2025
-
7.8
HIGHCVE-2025-10934
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in tha... Read more
- Published: Oct. 29, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59277
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Oct. 14, 2025
- Modified: Oct. 27, 2025
-
7.8
HIGHCVE-2025-47365
Memory corruption while processing large input data from a remote source via a communication interface.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +60 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-43474
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to cause unexpected system termination or read kernel memory.... Read more
Affected Products : macos- Published: Nov. 04, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27070
Memory corruption while performing encryption and decryption commands.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +340 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47353
Memory corruption while processing request sent from GVM.... Read more
Affected Products : qca6595_firmware qca6698aq_firmware sa9000p_firmware qam8255p_firmware qca6797aq_firmware sa8255p_firmware qam8650p_firmware qam8775p_firmware qca6595 sa8770p_firmware +26 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59290
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 22, 2025
-
7.8
HIGHCVE-2025-47360
Memory corruption while processing client message during device management.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +60 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59241
Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 17, 2025
-
7.8
HIGHCVE-2025-47361
Memory corruption when triggering a subsystem crash with an out-of-range identifier.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware +46 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-54545
On affected platforms, a restricted user could break out of the CLI sandbox to the system shell and elevate their privileges.... Read more
Affected Products : danz_monitoring_fabric- Published: Oct. 29, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-53814
A use-after-free vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .xml file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability.... Read more
Affected Products :- Published: Oct. 28, 2025
- Modified: Nov. 03, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47352
Memory corruption while processing audio streaming operations.... Read more
Affected Products : fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware fastconnect_7800 wsa8840 wsa8845 wsa8845h qcc2072_firmware qcc2072 +18 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-12204
A security vulnerability has been detected in Kamailio 5.5. Impacted is the function rve_destroy of the file src/core/rvalue.c of the component Configuration File Handler. The manipulation leads to heap-based buffer overflow. The attack must be carried ou... Read more
Affected Products : kamailio- Published: Oct. 27, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59231
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Oct. 14, 2025
- Modified: Oct. 28, 2025