CVE-2025-26405

Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

CVE-2025-24848

Protection mechanism failure for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This...

CVE-2025-24512

Improper input validation for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Authorized adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result m...

CVE-2025-24512

Improper input validation for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Authorized adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result m...

kernel: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion

A flaw was found in the linux kernel. A race between cancelhwscan and hwscan completion may lead to compromised availability...

kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek()

A NULL pointer access may result in compromised availability...

kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek()

A NULL pointer access may result in compromised availability...

kernel: vrf: use RCU protection in l3mdev_l3_out()

A use-after-free vulnerability was found in the Linux kernel. l3mdevl3out can be called without RCU being held, causing damage to the availability of the system...

EUVD-2025-60979

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact on confidentiality...

EUVD-2025-60984

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...

EUVD-2025-60986

Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...

EUVD-2025-60988

SQL Anywhere Monitor Non-GUI baked credentials into the code,exposing the resources or functionality to unintended users and providing attackers with the possibility of arbitrary code execution.This could cause high impact on confidentiality integrity and availability of the system...

EUVD-2025-60992

Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...

CVE-2025-42940

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact on confidentiality...

CVE-2025-42895

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...

CVE-2025-42889

SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...

CVE-2025-42940

CVE-2025-42940 affects SAP CommonCryptoLib. The issue is boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network, leading to memory corruption and an application crash. Impact is high on availability, with no confidentiality or integrity impact stated. Connect...

CVE-2025-42940 Memory Corruption vulnerability in SAP CommonCryptoLib

SAP CommonCryptoLib does not perform necessary boundary checks during pre-authentication parsing of manipulated ASN.1 data over the network. This may result in memory corruption followed by an application crash, hence leading to a high impact on availability. There is no impact on confidentiality...

CVE-2025-42895 Code Injection vulnerability in SAP HANA JDBC Client

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...

CVE-2025-42895 Code Injection vulnerability in SAP HANA JDBC Client

Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...