Latest CVE Feed
-
5.5
MEDIUMCVE-2025-55676
Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 24, 2025
-
5.5
MEDIUMCVE-2025-41402
Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a privileged operator to enter invalid competency data, bypassing expiry checks. This issue affects Command Centre Server: 9.30 prior to vEL9.30.2482 (MR2),... Read more
Affected Products :- Published: Oct. 23, 2025
- Modified: Oct. 27, 2025
- Vuln Type: Authentication
-
5.5
MEDIUMCVE-2025-10874
The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More WordPress plugin before 3.0.2 does not limit URLs which may be used for the stock photo import feature, allowing the user to specify arbitrary URLs. This leads to a... Read more
Affected Products :- Published: Oct. 24, 2025
- Modified: Oct. 27, 2025
- Vuln Type: Server-Side Request Forgery
-
5.5
MEDIUMCVE-2025-48430
Uncaught Exception (CWE-248) in the Command Centre Server allows an Authorized and Privileged Operator to crash the Command Centre Server at will. This issue affects Command Centre Server: 9.30 prior to vEL9.30.2482 (MR2), 9.20 prior to vEL9.20.2819 (M... Read more
Affected Products :- Published: Oct. 23, 2025
- Modified: Oct. 27, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-46602
Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability,... Read more
Affected Products : supportassist_os_recovery- Published: Oct. 27, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-59284
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.... Read more
Affected Products : windows_11_22h2 windows_11_23h2 windows_11_24h2 windows_server_2025 windows_11_25h2- Published: Oct. 14, 2025
- Modified: Oct. 27, 2025
-
5.5
MEDIUMCVE-2025-12310
A security vulnerability has been detected in VirtFusion up to 6.0.2. This vulnerability affects unknown code of the file /account/_settings of the component Email Change Handler. The manipulation leads to improper restriction of excessive authentication ... Read more
Affected Products :- Published: Oct. 27, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Authentication
-
5.5
MEDIUMCVE-2025-61155
Hotta Studio GameDriverX64.sys 7.23.4.7, a signed kernel-mode anti-cheat driver, allows local attackers to cause a denial of service by crashing arbitrary processes via sending crafted IOCTL requests.... Read more
Affected Products :- Published: Oct. 28, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-55695
Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +11 more products- Published: Oct. 14, 2025
- Modified: Oct. 30, 2025
-
5.5
MEDIUMCVE-2025-55699
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +6 more products- Published: Oct. 14, 2025
- Modified: Oct. 31, 2025
-
5.5
MEDIUMCVE-2025-55683
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 27, 2025
-
5.5
MEDIUMCVE-2025-59197
Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +6 more products- Published: Oct. 14, 2025
- Modified: Oct. 30, 2025
-
5.5
MEDIUMCVE-2025-55336
Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +3 more products- Published: Oct. 14, 2025
- Modified: Oct. 27, 2025
-
5.5
MEDIUMCVE-2025-59209
Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +8 more products- Published: Oct. 14, 2025
- Modified: Oct. 17, 2025
-
5.5
MEDIUMCVE-2025-59260
Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.... Read more
- Published: Oct. 14, 2025
- Modified: Oct. 20, 2025
-
5.5
MEDIUMCVE-2025-43397
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to cause a denial-of-service.... Read more
Affected Products : macos- Published: Nov. 04, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-43394
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access protected user data.... Read more
Affected Products : macos- Published: Nov. 04, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Path Traversal
-
5.5
MEDIUMCVE-2025-43411
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-sensitive data.... Read more
Affected Products : macos- Published: Nov. 04, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2025-43391
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access sensitive user data.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-43345
A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7, visionOS 26, iOS 18.7 and iPadOS 18.7. An app may be able to access sensitive user data.... Read more
- Published: Nov. 04, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Information Disclosure