Lista CVE - 2025 / Agosto
Visualizzazione 1001 - 1100 di 3631 CVE per Agosto 2025 (Pagina 11 di 37)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-40764 | 2025-08-12 | A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability... |
| CVE-2025-40766 | 2025-08-12 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an... |
| CVE-2025-40767 | 2025-08-12 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow... |
| CVE-2025-40768 | 2025-08-12 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application exposes an internal service port to be accessible from outside the system. This... |
| CVE-2025-40769 | 2025-08-12 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could... |
| CVE-2025-40770 | 2025-08-12 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could... |
| CVE-2025-43735 | 2025-08-12 | A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4... |
| CVE-2025-22834 | 2025-08-12 | ThirdPartyVideo SetVariable Vulnerability |
| CVE-2025-22830 | 2025-08-12 | SmiFlash Race Condition Vulnerability |
| CVE-2024-38805 | 2025-08-12 | iSCSI Remote Memory Corruption and Denial of Service |
| CVE-2025-8296 | 2025-08-12 | SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions, this can also lead to remote... |
| CVE-2025-8297 | 2025-08-12 | Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to achieve remote code execution |
| CVE-2025-8310 | 2025-08-12 | Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password |
| CVE-2025-3831 | 2025-08-12 | Exposed SFTP server |
| CVE-2025-5456 | 2025-08-12 | A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4... |
| CVE-2025-5462 | 2025-08-12 | A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4... |
| CVE-2025-5466 | 2025-08-12 | XEE in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on... |
| CVE-2025-5468 | 2025-08-12 | Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access... |
| CVE-2025-8452 | 2025-08-12 | Unauthenticated leak of sensitive information affecting multiple models from Brother Industries, Ltd., Toshiba Tec, and Konica Minolta, Inc. |
| CVE-2025-54800 | 2025-08-12 | Hydra persistent XSS in build metrics |
| CVE-2025-54864 | 2025-08-12 | Hydra missing authentication when triggering evaluations through GitHub and Gitea plugins |
| CVE-2025-55011 | 2025-08-12 | Kanboard Path Traversal in File Write via Task File Upload Api |
| CVE-2025-55010 | 2025-08-12 | Kanboard Authenticated Admin Remote Code Execution via Unsafe Deserialization of Events |
| CVE-2025-38500 | 2025-08-12 | xfrm: interface: fix use-after-free after changing collect_md xfrm interface |
| CVE-2025-55164 | 2025-08-12 | content-security-policy-parser Prototype Pollution Vulnerability May Lead to RCE |
| CVE-2025-3089 | 2025-08-12 | Broken Access Control in ServiceNow AI Platform |
| CVE-2025-55166 | 2025-08-12 | svg-sanitizer By-Passing Attribute Sanitization |
| CVE-2025-55167 | 2025-08-12 | WeGIA SQL Injection via id_fichamedica at endpoint `GET/html/funcionario/dependente_remover.php` |
| CVE-2025-20017 | 2025-08-12 | Uncontrolled search path for some Intel(R) oneAPI Toolkit and component software installers may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20023 | 2025-08-12 | Incorrect default permissions for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20025 | 2025-08-12 | Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2025-20037 | 2025-08-12 | Time-of-check time-of-use race condition in firmware for some Intel(R) Converged Security and Management Engine may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2025-20048 | 2025-08-12 | Uncontrolled search path for the Intel(R) Trace Analyzer and Collector software all verions may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20053 | 2025-08-12 | Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2025-20067 | 2025-08-12 | Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2025-20074 | 2025-08-12 | Time-of-check Time-of-use race condition for some Intel(R) Connectivity Performance Suite software installers before version 40.24.11210 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20077 | 2025-08-12 | Missing release of memory after effective lifetime in the UEFI OobRasMmbiHandlerDriver module for some Intel(R) reference server platforms may allow a privileged user to enable denial of service via local... |
| CVE-2025-20087 | 2025-08-12 | Incorrect default permissions for some Intel(R) oneAPI DPC++/C++ Compiler software installers may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20090 | 2025-08-12 | Untrusted Pointer Dereference for some Intel(R) QuickAssist Technology software before version 2.5.0 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2025-20092 | 2025-08-12 | Uncontrolled search path for some Clock Jitter Tool software before version 6.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20093 | 2025-08-12 | Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation... |
| CVE-2025-20099 | 2025-08-12 | Improper access control for some Intel(R) Rapid Storage Technology installation software may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20109 | 2025-08-12 | Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-20613 | 2025-08-12 | Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2025-20625 | 2025-08-12 | Improper conditions check for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.110.0.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
| CVE-2025-20627 | 2025-08-12 | Uncontrolled search path for some Intel(R) oneAPI DPC++/C++ Compiler software before version 2025.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-21086 | 2025-08-12 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege. |
| CVE-2025-21090 | 2025-08-12 | Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2025-21093 | 2025-08-12 | Uncontrolled search path element for some Intel(R) Driver & Support Assistant Tool software before version 24.6.49.8 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-21096 | 2025-08-12 | Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2025-22392 | 2025-08-12 | Out-of-bounds read in firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via network access. |
| CVE-2025-22836 | 2025-08-12 | Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2025-22838 | 2025-08-12 | Uncontrolled search path for some Intel(R) RealSense(TM) Dynamic Calibrator software before version 2.14.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-22839 | 2025-08-12 | Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. |
| CVE-2025-22840 | 2025-08-12 | Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access |
| CVE-2025-22853 | 2025-08-12 | Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2025-22889 | 2025-08-12 | Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local... |
| CVE-2025-22893 | 2025-08-12 | Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2025-23241 | 2025-08-12 | Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable denial of service via... |
| CVE-2025-24296 | 2025-08-12 | Improper input validation in some firmware for the Intel(R) E810 Ethernet before version 4.6 may allow a privileged user to enable denial of service via local access. |
| CVE-2025-24302 | 2025-08-12 | Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-24303 | 2025-08-12 | Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation... |
| CVE-2025-24305 | 2025-08-12 | Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of privilege via local... |
| CVE-2025-24313 | 2025-08-12 | Improper access control for some Device Plugins for Kubernetes software maintained by Intel before version 0.32.0 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2025-24323 | 2025-08-12 | Improper access control in some firmware package and LED mode toggle tool for some Intel(R) PCIe Switch software before version MR4_1.0b1 may allow a privileged user to potentially enable escalation... |
| CVE-2025-24324 | 2025-08-12 | Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2025-24325 | 2025-08-12 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local... |
| CVE-2025-24484 | 2025-08-12 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local... |
| CVE-2025-24486 | 2025-08-12 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local... |
| CVE-2025-24511 | 2025-08-12 | Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet before version 5.19.2 may allow an authenticated user to potentially enable Information disclosure via data exposure. |
| CVE-2025-24515 | 2025-08-12 | NULL pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2025-24520 | 2025-08-12 | Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2514.7.16.0 may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2025-24523 | 2025-08-12 | Protection mechanism failure for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. |
| CVE-2025-24835 | 2025-08-12 | Protection mechanism failure in the Intel(R) Graphics Driver for the Intel(R) Arc(TM) B-Series graphics before version 32.0.101.6737 may allow an authenticated user to potentially enable denial of service via local... |
| CVE-2025-24840 | 2025-08-12 | Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
| CVE-2025-24921 | 2025-08-12 | Improper neutralization for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable information disclosure via adjacent access. |
| CVE-2025-24923 | 2025-08-12 | Uncontrolled search path in some Intel(R) AI for Enterprise Retrieval-augmented Generation software may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-25273 | 2025-08-12 | Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2025-26403 | 2025-08-12 | Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege... |
| CVE-2025-26404 | 2025-08-12 | Uncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-26470 | 2025-08-12 | Incorrect default permissions for some Intel(R) Distribution for Python software installers before version 2025.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-26472 | 2025-08-12 | Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. |
| CVE-2025-26697 | 2025-08-12 | Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. |
| CVE-2025-26863 | 2025-08-12 | Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service. |
| CVE-2025-27250 | 2025-08-12 | Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access. |
| CVE-2025-27537 | 2025-08-12 | Improper input validation for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access. |
| CVE-2025-27559 | 2025-08-12 | Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-27576 | 2025-08-12 | Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable denial of service via local access. |
| CVE-2025-27707 | 2025-08-12 | Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial... |
| CVE-2025-27717 | 2025-08-12 | Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access |
| CVE-2025-32004 | 2025-08-12 | Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2025-32086 | 2025-08-12 | Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially... |
| CVE-2024-33607 | 2025-08-12 | Out-of-bounds read in some Intel(R) TDX module software before version TDX_1.5.07.00.774 may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2025-49567 | 2025-08-12 | Illustrator | NULL Pointer Dereference (CWE-476) |
| CVE-2025-49564 | 2025-08-12 | Illustrator | Stack-based Buffer Overflow (CWE-121) |
| CVE-2025-49568 | 2025-08-12 | Illustrator | Use After Free (CWE-416) |
| CVE-2025-49563 | 2025-08-12 | Illustrator | Out-of-bounds Write (CWE-787) |
| CVE-2025-49751 | 2025-08-12 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2025-49745 | 2025-08-12 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2025-49758 | 2025-08-12 | Microsoft SQL Server Elevation of Privilege Vulnerability |