Latest CVE Feed
-
8.0
HIGHCVE-2025-53720
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
5.7
MEDIUMCVE-2025-53719
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Information Disclosure
-
7.0
HIGHCVE-2025-53718
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2023-39328
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.... Read more
- Published: Jul. 09, 2024
- Modified: Aug. 18, 2025
-
3.3
LOWCVE-2022-47112
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.... Read more
Affected Products : 7-zip- Published: Apr. 19, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Misconfiguration
-
6.5
MEDIUMCVE-2025-53716
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Denial of Service
-
3.3
LOWCVE-2022-47111
7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.... Read more
Affected Products : 7-zip- Published: Apr. 19, 2025
- Modified: Aug. 18, 2025
-
5.5
MEDIUMCVE-2025-53156
Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-53155
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-53145
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-53144
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.8
HIGHCVE-2025-53143
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-53726
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-53725
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-53724
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption
-
8.7
HIGHCVE-2025-35995
When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:... Read more
- Published: May. 07, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Denial of Service
-
8.7
HIGHCVE-2025-36525
When a BIG-IP APM virtual server is configured to use a PingAccess profile, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.... Read more
Affected Products : big-ip_access_policy_manager- Published: May. 07, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Denial of Service
-
8.8
HIGHCVE-2025-2766
70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of 70mai A510. Authentication is not required to exploit this vulnerability. T... Read more
- Published: Jun. 06, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Authentication
-
8.8
HIGHCVE-2025-3485
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The s... Read more
Affected Products : allegra- Published: Jun. 06, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Path Traversal
-
8.8
HIGHCVE-2025-5473
GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the targ... Read more
Affected Products : gimp- Published: Jun. 06, 2025
- Modified: Aug. 18, 2025
- Vuln Type: Memory Corruption