Latest CVE Feed
-
7.8
HIGHCVE-2025-47365
Memory corruption while processing large input data from a remote source via a communication interface.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +60 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47367
Memory corruption while accessing a buffer during IOCTL processing.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59231
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 office_macos_2021 excel_2016 office_2024 office_2021 +1 more products- Published: Oct. 14, 2025
- Modified: Oct. 28, 2025
-
7.8
HIGHCVE-2025-59290
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 22, 2025
-
7.8
HIGHCVE-2025-36007
IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.... Read more
Affected Products : qradar_security_information_and_event_manager- Published: Oct. 27, 2025
- Modified: Nov. 03, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-43407
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1, tvOS 26.1. An app may be able to break out of its sandbox.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-62579
ASDA-Soft Stack-based Buffer Overflow Vulnerability... Read more
Affected Products : asda_soft- Published: Oct. 16, 2025
- Modified: Oct. 28, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27070
Memory corruption while performing encryption and decryption commands.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +340 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-59238
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.... Read more
Affected Products : office 365_apps powerpoint office_long_term_servicing_channel office_2024 office_2021 office_2019 powerpoint_2016- Published: Oct. 14, 2025
- Modified: Oct. 16, 2025
-
7.8
HIGHCVE-2025-47354
Memory corruption while allocating buffers in DSP service.... Read more
- Published: Oct. 09, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47351
Memory corruption while processing user buffers.... Read more
Affected Products : wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware wcd9370_firmware wcd9375_firmware wcn3950_firmware wsa8832_firmware +46 more products- Published: Oct. 09, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-46423
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execu... Read more
Affected Products : unity_operating_environment- Published: Oct. 30, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-47368
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-47361
Memory corruption when triggering a subsystem crash with an out-of-range identifier.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware +46 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vul... Read more
Affected Products :- Published: Oct. 20, 2025
- Modified: Nov. 03, 2025
- Vuln Type: Injection
-
7.8
HIGHCVE-2025-59234
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 28, 2025
-
7.8
HIGHCVE-2025-47353
Memory corruption while processing request sent from GVM.... Read more
Affected Products : qca6595_firmware qca6698aq_firmware sa9000p_firmware qam8255p_firmware qca6797aq_firmware sa8255p_firmware qam8650p_firmware qam8775p_firmware qca6595 sa8770p_firmware +26 more products- Published: Nov. 04, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-33003
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to execution with unnecessary privileges.... Read more
Affected Products : infosphere_information_server- Published: Oct. 31, 2025
- Modified: Nov. 05, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-53150
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 +2 more products- Published: Oct. 14, 2025
- Modified: Oct. 20, 2025
-
7.8
HIGHCVE-2025-59199
Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +3 more products- Published: Oct. 14, 2025
- Modified: Oct. 30, 2025