Latest CVE Feed
-
7.8
HIGHCVE-2025-59255
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +2 more products- Published: Oct. 14, 2025
- Modified: Oct. 17, 2025
-
7.8
HIGHCVE-2025-20714
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. ... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 15, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47365
Memory corruption while processing large input data from a remote source via a communication interface.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +60 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59254
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +5 more products- Published: Oct. 14, 2025
- Modified: Oct. 17, 2025
-
7.8
HIGHCVE-2025-47360
Memory corruption while processing client message during device management.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +60 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47367
Memory corruption while accessing a buffer during IOCTL processing.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59230
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Actively Exploited
- Published: Oct. 14, 2025
- Modified: Oct. 27, 2025
-
7.8
HIGHCVE-2025-20723
In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Pat... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 15, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-58724
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 20, 2025
-
7.8
HIGHCVE-2025-10924
GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the targe... Read more
Affected Products : gimp- Published: Oct. 29, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-46423
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execu... Read more
Affected Products : unity_operating_environment- Published: Oct. 30, 2025
- Modified: Nov. 07, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-24990
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October c... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +11 more products- Actively Exploited
- Published: Oct. 14, 2025
- Modified: Oct. 27, 2025
-
7.8
HIGHCVE-2025-9871
Razer Synapse 3 Chroma Connect Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low... Read more
Affected Products : synapse- Published: Oct. 29, 2025
- Modified: Nov. 06, 2025
- Vuln Type: Path Traversal
-
7.8
HIGHCVE-2025-50175
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +3 more products- Published: Oct. 14, 2025
- Modified: Oct. 16, 2025
-
7.8
HIGHCVE-2025-47353
Memory corruption while processing request sent from GVM.... Read more
Affected Products : qca6595_firmware qca6698aq_firmware sa9000p_firmware qam8255p_firmware qca6797aq_firmware sa8255p_firmware qam8650p_firmware qam8775p_firmware qca6595 sa8770p_firmware +26 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-54545
On affected platforms, a restricted user could break out of the CLI sandbox to the system shell and elevate their privileges.... Read more
Affected Products : danz_monitoring_fabric- Published: Oct. 29, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-53150
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 +2 more products- Published: Oct. 14, 2025
- Modified: Oct. 20, 2025
-
7.8
HIGHCVE-2025-47368
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59494
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : azure_monitor_agent- Published: Oct. 14, 2025
- Modified: Oct. 22, 2025
-
7.8
HIGHCVE-2025-40811
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT file... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Memory Corruption