CVE-2025-42895

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...

CVE-2025-42940

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact on confidentiality...

CVE-2025-42889

SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...

CVE-2025-65001

Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability...

Fujitsu BIOS Driver 缓冲区错误漏洞

Fujitsu BIOS Driver is a system driver from Fujitsu Japan. A buffer error vulnerability exists in Fujitsu BIOS Driver versions prior to 2.5.0.0, which stems from a lack of sufficient validation of inputs, and could allow an attacker to compromise the confidentiality, integrity, and availability o...

CVE-2025-65001

CVE-2025-65001 affects Fujitsu fbiosdrv.sys prior to version 2.5.0.0. The CIRCL/NVD/Red Hat and other records describe a local, high-privilege attacker exploiting a buffer/input validation flaw in fbiosdrv.sys that could compromise confidentiality, integrity, and availability. Affected component:...

OPENSUSE-SU-2025:15729-1 go-sendxmpp-0.15.1-1.1 on GA media

These are all security issues fixed in the go-sendxmpp-0.15.1-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2025-93477

Buffer overflow for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

EUVD-2025-93507

Protection mechanism failure for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...

CVE-2025-32449

Unquoted search path for some PRI Driver software before version 03.03.1002 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

CVE-2025-32732

Buffer overflow for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

CVE-2025-31937

Out-of-bounds read for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur...

CVE-2025-26694

Null pointer dereference for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...

CVE-2025-24918

Improper link resolution before file access 'link following' for some IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an...

CVE-2025-24512

Improper input validation for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Authorized adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result m...

CVE-2025-35972

Uncontrolled search path for the Intel MPI Library before version 2021.16 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

CVE-2025-35967

Out-of-bounds read for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This...

CVE-2025-35963

Insufficient control flow management for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial of...

CVE-2025-32091

Incorrect default permissions in some firmware for the IntelR ArcTM B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may...

CVE-2025-26694

Null pointer dereference for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...