CVE-2025-32007

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-31655

Incorrect default permissions for some IntelR Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

ALPINE-CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-27560

Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...

CVE-2025-24851

Uncaught exception in the firmware for some 100GbE IntelR Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

UBUNTU-CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-30513

CVE-2025-30513 describes a race condition in a TDX Module operating in Ring 0 that may enable local privilege escalation. The vulnerability could impact confidentiality and integrity (high) with no availability impact, via a local attack requiring high privileges and no user interaction, and with...

CVE-2025-27940

Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-27708

Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-27243

Summary of CVE-2025-27243 : An out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810, prior to firmware cvl fw 1.7.8.x, can cause a denial of service. The impact is limited to availability with no confidentiality or integrity effects, but the attack is local and requires ...

CVE-2025-24851

CVE-2025-24851 affects Intel Ethernet Controller E810 100GbE firmware (cvl fw 1.7.8.x and earlier) running Ring 0 Bare Metal OS. The issue is an uncaught exception that may allow a local, privileged attacker with low complexity and no user interaction to cause denial of service, impacting availab...

CVE-2025-22885

CVE-2025-22885 concerns firmware for the TDX Module with an improper buffer restriction that may enable privilege escalation. The issue is exploitable locally by a system software adversary who already has privileged user access, under high attack complexity and with no user interaction required....

CVE-2025-22885

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack...

CVE-2025-15569

A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function getsystemdpi of the file platform/x11/winmain.c. This manipulation causes uncontrolled search path. The attack requires local access. The attack is considered to have high complexity. The...

PT-2026-7313

Name of the Vulnerable Software and Affected Versions Intel Quick Assist Technology affected versions not specified Description A missing protection mechanism for an alternate hardware interface within Ring 0 may allow an escalation of privilege. A system software adversary with privileged user...

PT-2026-7305

Name of the Vulnerable Software and Affected Versions IntelR Graphics Software versions prior to 25.30.1702.0 Description Some IntelR Graphics Software before version 25.30.1702.0 has insecure inherited permissions within Ring 3 User Applications, potentially allowing an escalation of privilege. ...