ALPINE-CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

CVE-2026-8233

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was...

PT-2026-31422

Use of Default Cryptographic Key in the hardware for some IntelR PentiumR Processor Silver Series, IntelR CeleronR Processor J Series, IntelR CeleronR Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexit...

CVE-2025-20073

Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

EUVD-2025-208555

Exposure of resource to wrong sphere in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-22444

CVE-2025-22444 affects the UEFI PdaSmm module on certain Intel reference platforms. The flaw is described as Exposure of resource to wrong sphere, enabling information disclosure. A system software adversary with privileged user access and a high-complexity, local attack could potentially cause d...

PT-2026-22523

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...

CVE-2025-32739

Improper conditions check in some firmware for some IntelR Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This resul...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-31655

Incorrect default permissions for some IntelR Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

ALPINE-CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

CVE-2025-27940

Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

PT-2026-7315

Name of the Vulnerable Software and Affected Versions IntelR Memory and Storage Tool versions prior to 2.5.2 Description The IntelR Memory and Storage Tool, in versions before 2.5.2, has default permissions that may allow a local escalation of privilege. An authenticated user with a high complexi...

PT-2026-7286

Name of the Vulnerable Software and Affected Versions IntelR OptaneTM PMem management software versions CR MGMT 01.00.00.3584, CR MGMT 02.00.00.4052, CR MGMT 03.00.00.0538 Description The software has default permissions that may allow a privilege escalation. An unprivileged software adversary wi...

CVE-2025-35968

Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...

CVE-2025-22391

Improper access control for some SigTest before version 6.1.10 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially...