Total
8275 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21256 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21232 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21229 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21228 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21227 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21226 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21341 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21327 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21265 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21263 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21260 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21258 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21257 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-09-09 | 5.5 Medium |
| Windows WLAN AutoConfig Service Information Disclosure Vulnerability | ||||
| CVE-2025-21255 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21249 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 6.6 Medium |
| Windows Digital Media Elevation of Privilege Vulnerability | ||||
| CVE-2025-21215 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-09-09 | 4.6 Medium |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2025-23133 | 2025-09-09 | 6.0 Medium | ||
| In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: update channel list in reg notifier instead reg worker Currently when ath11k gets a new channel list, it will be processed according to the following steps: 1. update new channel list to cfg80211 and queue reg_work. 2. cfg80211 handles new channel list during reg_work. 3. update cfg80211's handled channel list to firmware by ath11k_reg_update_chan_list(). But ath11k will immediately execute step 3 after reg_work is just queued. Since step 2 is asynchronous, cfg80211 may not have completed handling the new channel list, which may leading to an out-of-bounds write error: BUG: KASAN: slab-out-of-bounds in ath11k_reg_update_chan_list Call Trace: ath11k_reg_update_chan_list+0xbfe/0xfe0 [ath11k] kfree+0x109/0x3a0 ath11k_regd_update+0x1cf/0x350 [ath11k] ath11k_regd_update_work+0x14/0x20 [ath11k] process_one_work+0xe35/0x14c0 Should ensure step 2 is completely done before executing step 3. Thus Wen raised patch[1]. When flag NL80211_REGDOM_SET_BY_DRIVER is set, cfg80211 will notify ath11k after step 2 is done. So enable the flag NL80211_REGDOM_SET_BY_DRIVER then cfg80211 will notify ath11k after step 2 is done. At this time, there will be no KASAN bug during the execution of the step 3. [1] https://patchwork.kernel.org/project/linux-wireless/patch/20230201065313.27203-1-quic_wgong@quicinc.com/ Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3 | ||||
| CVE-2025-58050 | 1 Pcre | 1 Pcre2 | 2025-09-09 | 9.1 Critical |
| The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46. | ||||
| CVE-2023-31330 | 1 Amd | 8 Athlon, Athlon 3000, Ryzen 3000 and 5 more | 2025-09-08 | 2.5 Low |
| An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality. | ||||
| CVE-2025-57052 | 2 Cjson Project, Davegamble | 2 Cjson, Cjson | 2025-09-08 | 9.8 Critical |
| cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters. | ||||