Total
194 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-52516 | 1 Samsung | 16 Exynos, Exynos 1330, Exynos 1330 Firmware and 13 more | 2026-01-09 | 6.2 Medium |
| An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service. | ||||
| CVE-2025-47343 | 1 Qualcomm | 1 Snapdragon | 2026-01-08 | 7.8 High |
| Memory corruption while processing a video session to set video parameters. | ||||
| CVE-2025-47380 | 1 Qualcomm | 1 Snapdragon | 2026-01-08 | 7.8 High |
| Memory corruption while preprocessing IOCTLs in sensors. | ||||
| CVE-2025-62560 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-01-07 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-62556 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-01-07 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-62561 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-01-07 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-62549 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2026-01-07 | 8.8 High |
| Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-59207 | 1 Microsoft | 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more | 2026-01-07 | 7.8 High |
| Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2024-40978 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel E4s and 1 more | 2026-01-05 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly on a __user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf() and then call simple_read_from_buffer(), which in turns make the copy_to_user() call. BUG: unable to handle page fault for address: 00007f4801111000 PGD 8000000864df6067 P4D 8000000864df6067 PUD 864df7067 PMD 846028067 PTE 0 Oops: 0002 [#1] PREEMPT SMP PTI Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 06/15/2023 RIP: 0010:memcpy_orig+0xcd/0x130 RSP: 0018:ffffb7a18c3ffc40 EFLAGS: 00010202 RAX: 00007f4801111000 RBX: 00007f4801111000 RCX: 000000000000000f RDX: 000000000000000f RSI: ffffffffc0bfd7a0 RDI: 00007f4801111000 RBP: ffffffffc0bfd7a0 R08: 725f746f6e5f6f64 R09: 3d7265766f636572 R10: ffffb7a18c3ffd08 R11: 0000000000000000 R12: 00007f4881110fff R13: 000000007fffffff R14: ffffb7a18c3ffca0 R15: ffffffffc0bfd7af FS: 00007f480118a740(0000) GS:ffff98e38af00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f4801111000 CR3: 0000000864b8e001 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <TASK> ? __die_body+0x1a/0x60 ? page_fault_oops+0x183/0x510 ? exc_page_fault+0x69/0x150 ? asm_exc_page_fault+0x22/0x30 ? memcpy_orig+0xcd/0x130 vsnprintf+0x102/0x4c0 sprintf+0x51/0x80 qedi_dbg_do_not_recover_cmd_read+0x2f/0x50 [qedi 6bcfdeeecdea037da47069eca2ba717c84a77324] full_proxy_read+0x50/0x80 vfs_read+0xa5/0x2e0 ? folio_add_new_anon_rmap+0x44/0xa0 ? set_pte_at+0x15/0x30 ? do_pte_missing+0x426/0x7f0 ksys_read+0xa5/0xe0 do_syscall_64+0x58/0x80 ? __count_memcg_events+0x46/0x90 ? count_memcg_event_mm+0x3d/0x60 ? handle_mm_fault+0x196/0x2f0 ? do_user_addr_fault+0x267/0x890 ? exc_page_fault+0x69/0x150 entry_SYSCALL_64_after_hwframe+0x72/0xdc RIP: 0033:0x7f4800f20b4d | ||||
| CVE-2025-59187 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2026-01-02 | 7.8 High |
| Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55696 | 1 Microsoft | 22 Windows, Windows 10, Windows 10 1809 and 19 more | 2026-01-02 | 7.8 High |
| Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55681 | 1 Microsoft | 22 Windows, Windows 10, Windows 10 1809 and 19 more | 2026-01-02 | 7 High |
| Out-of-bounds read in Windows DWM allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55677 | 1 Microsoft | 5 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 2 more | 2026-01-02 | 7.8 High |
| Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24990 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2026-01-02 | 7.8 High |
| Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware. | ||||
| CVE-2025-62200 | 1 Microsoft | 10 365, 365 Apps, Excel and 7 more | 2026-01-02 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-60713 | 1 Microsoft | 8 Remote, Windows Server, Windows Server 2016 and 5 more | 2026-01-02 | 7.8 High |
| Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-60719 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1607 and 24 more | 2026-01-02 | 7 High |
| Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-60728 | 1 Microsoft | 8 365, 365 Apps, Office and 5 more | 2026-01-02 | 4.3 Medium |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-60708 | 1 Microsoft | 22 Windows, Windows 10, Windows 10 1607 and 19 more | 2026-01-02 | 6.5 Medium |
| Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally. | ||||
| CVE-2025-60703 | 1 Microsoft | 28 Remote, Remote Desktop, Windows and 25 more | 2026-01-02 | 7.8 High |
| Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | ||||