2080 matches found
EUVD-2025-208550
Improper input validation in the UEFI ImcErrorHandler module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...
EUVD-2025-208555
Exposure of resource to wrong sphere in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
EUVD-2025-208551
Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
EUVD-2025-208542
Improper buffer restrictions in some UEFI firmware for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access whe...
EUVD-2025-208548
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
TOSSS: A CVE-Based Software Security Benchmark for Large Language Models
With their increasing capabilities, Large Language Models LLMs are now used across many industries. They have become useful tools for software engineers and support a wide range of development tasks. As LLMs are increasingly used in software development workflows, a critical question arises: are...
CVE-2025-20073
Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-20068
Improper input validation in the UEFI ImcErrorHandler module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...
CVE-2025-20064
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20027
Improper input validation in the UEFI WheaERST module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...
CVE-2025-20005
Improper buffer restrictions in some UEFI firmware for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access whe...
EUVD-2026-10642
Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally...
CVE-2026-25174
Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally...
CVE-2026-25174
Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally...
CVE-2026-25174 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
...
CVE-2026-25174
CVE-2026-25174 is a Windows Privilege Elevation vulnerability described as an out-of-bounds read in the Windows Extensible File Allocation feature. The connected NCSC advisory confirms Microsoft has fixed vulnerabilities across Windows components, listing CVE-2026-25174 under Windows Extensible F...
PT-2026-24490
Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when...
PT-2026-24301
Уязвимость проприетарной файловой системы Windows Extensible File Allocation Table операционных систем Windows связана с чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии...
CVE-2026-28770
Improper neutralization of special elements in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects un-sanitized user input from the file...
CLSA-2026-1772646053 python3: Fix of CVE-2025-12084
CVE-2025-12084: Prevent quadratic-time behavior when building excessively nested XML elements...