CVE-2025-46637

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges...

AIX is vulnerable to an out-of-bounds read (CVE-2025-9230 CVE-2025-9232) due to OpenSSL

IBM SECURITY ADVISORY First Issued: Wed Dec 10 16:28:35 CST 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/openssladvisory45.asc Security Bulletin: AIX is vulnerable to an out-of-bounds read CVE-2025,9230, CVE-2025-9232 due to...

Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling

Three security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express PCIe Integrity and Data Encryption IDE protocol specification that could expose a local attacker to serious risks. The flaws impact PCIe Base Specification Revision 5.0 and onwards in the protocol...

CVE-2025-65825

The CVE-2025-65825 entry affects Meatmeet basestation firmware where the firmware image is not encrypted. The root cause is unencrypted firmware dumping via UART after physical access, enabling an attacker to extract the firmware and access credentials stored in the NVS partition for current and ...

EUVD-2025-202313

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on re-keying and stream flushing during device rebinding may allow stale write transactions from a previous security context to be processed in a new one. This can lead to...

EUVD-2025-202314

A vulnerability was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completion...

CVE-2025-9613

A vulnerability was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completion...

CVE-2025-9614

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on re-keying and stream flushing during device rebinding may allow stale write transactions from a previous security context to be processed in a new one. This can lead to...

CVE-2025-9614 CVE-2025-9614

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on re-keying and stream flushing during device rebinding may allow stale write transactions from a previous security context to be processed in a new one. This can lead to...

CVE-2025-9612 CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVE-2025-9612

CVE-2025-9612 concerns the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification. The issue is that insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection, enabling local or physi...

CVE-2025-9612 CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVE-2025-46636

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVE-2025-46636

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVE-2025-46637

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2025-46637

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A local malicious user could potentially exploit this vulnerability, leading to Elevation of privileges...

EUVD-2025-202264

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVE-2025-46636

Dell Encryption (versions prior to 11.12.1) is affected by an Improper Link Resolution Before File Access ("Link Following") vulnerability. A low-privilege, local attacker could exploit this to tamper with information. The issue is documented across multiple sources (NVD, Red Hat, CVE lists) with...

CVE-2025-46636

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...

CVE-2025-46636

Dell Encryption, versions prior to 11.12.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering...