Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2025-20067

    Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Information Disclosure

  • 5.6

    MEDIUM
    CVE-2025-20077

    Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for some Intel(R) reference server platforms may allow a privileged user to enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Memory Corruption

  • 6.7

    MEDIUM
    CVE-2025-22838

    Uncontrolled search path for some Intel(R) RealSense(TM) Dynamic Calibrator software before version 2.14.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authentication

  • 4.4

    MEDIUM
    CVE-2025-20025

    Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Denial of Service

  • 6.7

    MEDIUM
    CVE-2025-26404

    Uncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : driver_\&_support_assistant
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 6.7

    MEDIUM
    CVE-2025-24302

    Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-5466

    XEE in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote authenticated attacker ... Read more

    Affected Products : connect_secure policy_secure
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: XML External Entity

  • 5.5

    MEDIUM
    CVE-2025-5468

    Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025)... Read more

    Affected Products : connect_secure policy_secure
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-5456

    A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a re... Read more

    Affected Products : connect_secure policy_secure
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2025-24511

    Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet before version 5.19.2 may allow an authenticated user to potentially enable Information disclosure via data exposure.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2025-25007

    Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authentication

  • 8.1

    HIGH
    CVE-2025-3831

    Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2025-25006

    Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authentication

  • 7.5

    HIGH
    CVE-2025-21086

    Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 6.7

    MEDIUM
    CVE-2025-27717

    Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 7.0

    HIGH
    CVE-2025-24323

    Improper access control in some firmware package and LED mode toggle tool for some Intel(R) PCIe Switch software before version MR4_1.0b1 may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authorization

  • 6.0

    MEDIUM
    CVE-2025-24296

    Improper input validation in some firmware for the Intel(R) E810 Ethernet before version 4.6 may allow a privileged user to enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Denial of Service

  • 7.9

    HIGH
    CVE-2025-22889

    Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Memory Corruption

  • 5.7

    MEDIUM
    CVE-2024-33607

    Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products : tdx_module_software
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Information Disclosure

  • 6.3

    MEDIUM
    CVE-2024-38805

    EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.... Read more

    Affected Products : edk2
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291293 Results