Latest CVE Feed
-
8.8
HIGHCVE-2025-29905
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to... Read more
Affected Products : telecontrol_server_basic- Published: Apr. 16, 2025
- Modified: Aug. 19, 2025
-
6.3
MEDIUMCVE-2025-29931
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deseriali... Read more
Affected Products : telecontrol_server_basic- Published: Apr. 17, 2025
- Modified: Aug. 19, 2025
-
7.0
HIGHCVE-2025-49762
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-49761
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +8 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
8.8
HIGHCVE-2025-49757
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21915
In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driver_override_show() Fixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c This function driver_override_show() is part of DEVICE... Read more
Affected Products : linux_kernel- Published: Apr. 01, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-53133
Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
8.0
HIGHCVE-2025-53132
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
8.8
HIGHCVE-2025-53131
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
8.1
HIGHCVE-2025-50177
Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-50176
Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-50173
Weak authentication in Windows Installer allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
6.5
MEDIUMCVE-2025-50172
Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-50170
Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +1 more products- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
9.9
CRITICALCVE-2024-41799
tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on the host machine to be compiled and executed. These .d... Read more
Affected Products : tgstation-server- Published: Jul. 29, 2024
- Modified: Aug. 19, 2025
-
8.1
HIGHCVE-2024-45419
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.... Read more
- Published: Nov. 19, 2024
- Modified: Aug. 19, 2025
-
7.5
HIGHCVE-2025-50169
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an unauthorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-50168
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 19, 2025
-
5.3
MEDIUMCVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgradin... Read more
Affected Products : retroarch- Published: Aug. 19, 2025
- Modified: Aug. 19, 2025
-
5.3
MEDIUMCVE-2025-9134
A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper e... Read more
Affected Products :- Published: Aug. 19, 2025
- Modified: Aug. 19, 2025