CVE-2019-6693
Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability - Active in CISA KEV catalog.
This brief includes 11 actively exploited vulnerabilities and 9 additional critical issues requiring immediate attention.
Immediate action: Patch Fortinet FortiOS - actively exploited with 6 days until deadline
Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability - Active in CISA KEV catalog.
D-Link DIR-859 Router Path Traversal Vulnerability - Active in CISA KEV catalog.
AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability - Active in CISA KEV catalog.
Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability - Active in CISA KEV catalog.
TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability - Active in CISA KEV catalog.
TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability - Active in CISA KEV catalog.
Google Chromium V8 Type Confusion Vulnerability - Active in CISA KEV catalog.
Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability - Active in CISA KEV catalog.
Rails Ruby on Rails Path Traversal Vulnerability - Active in CISA KEV catalog.
PHPMailer Command Injection Vulnerability - Active in CISA KEV catalog.
Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability - Active in CISA KEV catalog.
The Sala - Startup & SaaS WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.4. This is due to the theme not prope...
The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the sb_file_delete function in all versions up to, and including, 3.8.0. Thi...
The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_encryption() function in all versions up to,...
The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these APIs, an attacker can send arbit...
An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthent...
mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL
The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing Gi...
A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The manipul...
Folo organizes feeds content into one timeline. Using pull_request_target on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by attackers, since untrusted code can be executed havin...
Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network [13 entries with this description]
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network
Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally
Improper neutralization of special elements used in an SQL command ('SQL injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network
Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally
The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1
The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8
Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally
The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_entry_files() function in all versions up to, and including, 1
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network
Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally
Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally
Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally
Helm is a package manager for Charts for Kubernetes
Jenkins Git Parameter Plugin 439
A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation
A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication
A low privileged remote attacker with file access can replace a critical file used by the watchdog to get read, write and execute access to any file on the device after the watchdog has been initialized
A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device
A low privileged remote attacker with file access can replace a critical file or folder used by the service security-profile to get read, write and execute access to any file on the device
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network
An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network
Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network
An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation
A heap-based buffer overflow vulnerability exists in VS6Sim
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check [2 entries with this description]
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface
A vulnerability has been identified in SINEC NMS (All versions < V4 [3 entries with this description]
A vulnerability has been identified in RUGGEDCOM RMC8388 V5
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network
The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm
In Juju versions prior to 3
ColdFusion versions 2025
A vulnerability was found in D-Link DI-500WF 17
The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users' passwords [2 entries with this description]
Information disclosure while decoding an RTP packet payload when the UE receives the RTP packet from the network
A directory traversal vulnerability was discovered in White Star Software Protop version 4
SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges
An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07 [2 entries with this description]
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals
ColdFusion versions 2025
A vulnerability has been identified in TIA Administrator (All versions < V3
A vulnerability has been identified in Solid Edge SE2025 (All versions < V225 [3 entries with this description]
Memory corruption while retrieving the CBOR data from TA
Memory corruption while copying the result to the transmission queue in EMAC
Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host
Memory corruption while processing a private escape command in an event trigger
Memory corruption while processing video packets received from video firmware
Memory corruption while processing manipulated payload in video firmware
Memory corruption while executing timestamp video decode command with large input values
Memory corruption while processing multiple simultaneous escape calls
Memory corruption while processing the TESTPATTERNCONFIG escape path
Memory corruption while processing event close when client process terminates abruptly
Memory corruption while processing command message in WLAN Host
Memory corruption while processing data packets in diag received from Unix clients
Memory corruption during the image encoding process
Memory corruption during sub-system restart while processing clean-up to free up resources
Memory corruption while processing packet data with exceedingly large packet
Memory corruption while handling the subsystem failure memory during the parsing of video packets received from the video firmware
Substance3D - Designer versions 14 [3 entries with this description]
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally [2 entries with this description]