CVE-2025-20290

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

CVE-2025-39246

CVE-2025-39246 describes an unquoted service path vulnerability in HikCentral FocSign. An authenticated user could potentially escalate privileges via local access. Affected: HikCentral FocSign (some versions); root cause: unquoted service path. Impact: local privilege escalation. Public details ...

CVE-2025-20290

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

CVE-2025-20290 Cisco NXOS Software Sensitive Log Information Disclosure Vulnerability

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

CVE-2025-20290 Cisco NXOS Software Sensitive Log Information Disclosure Vulnerability

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

CVE-2025-20292

CVE-2025-20292 is a Cisco NX-OS Software CLI vulnerability. An authenticated, local attacker can inject commands due to insufficient input validation in an affected CLI command. Successful exploitation could allow reading and writing files on the underlying OS with the privileges of a non-root us...

CVE-2025-20292 Cisco NXOS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...

Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...

ScanSnap Manager installers vulnerable to privilege escalation

Overview ScanSnap Manager installers provided by PFU Limited contain the following vulnerability. Incorrect privilege assignment CWE-266 - CVE-2025-57797 Kazuhira Agata, Kentaro Kan, Tomoaki Kobayashi, Takayuki Tomita, Yoshiaki Yamamuro reported this vulnerability to IPA. JPCERT/CC coordinated wi...

SUSE CVE-2025-20109

Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-20237

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...

CVE-2025-20238

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...

CVE-2025-21090

Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...

CVE-2025-24515

NULL pointer dereference for some IntelR Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access...

CVE-2025-20092

Uncontrolled search path for some Clock Jitter Tool software before version 6.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-22893

Insufficient control flow management in the Linux kernel-mode driver for some IntelR 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-20109

Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-20220

A vulnerability in the CLI of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper inp...

CVE-2025-20220

A vulnerability in the CLI of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper inp...