| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
| An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c. |
| An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data. |
| Loop with unreachable exit condition ('infinite loop') for some Intel(R) Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
| Incorrect default permissions for some Intel(R) Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
| Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
| Incorrect default permissions for some Intel(R) Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. |
| SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read protected configuration files. This vulnerability is fixed in 3.5.5. |
| InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from_hash may allow for executing arbitrary Ruby code. |
| Docmost is open-source collaborative wiki and documentation software. From g and before 0.25.0, the public share page functionality in Docmost does not properly HTML-escape page titles before inserting them into meta tags and the title tag. This allows Stored Cross-Site Scripting (XSS) attacks, where an attacker can execute arbitrary JavaScript in the context of any user who opens a shared page link. This vulnerability is fixed in 0.25.0. |
| An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints. |
| Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality. |
| Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity |
| Substance3D - Modeler versions 1.22.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity. |
| Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions. |
| Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality. |
| The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service. |
