Total CVEs

142,265

Critical Severity

3,947

High Severity

14,217

Last 7 Days

1,925
Quick preset (or use dates below)
Clear Filters
Showing 12,101 - 12,120 of 14,675 CVEs
CVE-2025-31655 MEDIUM - 6.7

Incorrect default permissions for some Intel(R) Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may po...

Product: Intel(R) Battery Life Diagnostic Tool
Published: Feb 10, 2026
Source: NVD
CVE-2025-30508 MEDIUM - 6.5

Improper authorization in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially o...

Product: Intel(R) Platforms
Published: Feb 10, 2026
Source: NVD
CVE-2025-27940 MEDIUM - 4.1

Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when ...

Product: TDX Module
Published: Feb 10, 2026
Source: NVD
CVE-2025-27708 MEDIUM - 4.1

Out-of-bounds read in the firmware for some Intel(R) Converged Security and Management Engine (CSME) Firmware (FW) within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result m...

Product: Intel(R) Converged Security and Management Engine (CSME) Firmware (FW)
Published: Feb 10, 2026
Source: NVD
CVE-2025-27572 MEDIUM - 4.1

Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access whe...

Product: TDX
Published: Feb 10, 2026
Source: NVD
CVE-2025-27560 MEDIUM - 6.0

Loop with unreachable exit condition ('infinite loop') for some Intel(R) Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via ...

Product: Intel(R) Platform
Published: Feb 10, 2026
Source: NVD
CVE-2025-27535 MEDIUM - 5.3

Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. 3.84 within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a high complexity attack may enable den...

Product: Intel(R) Ethernet Connection E825-C.
Published: Feb 10, 2026
Source: NVD
CVE-2025-27243 MEDIUM - 6.0

Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result ma...

Product: Intel(R) Ethernet Controller E810
Published: Feb 10, 2026
Source: NVD
CVE-2025-24851 MEDIUM - 6.0

Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This res...

Product: 100GbE Intel(R) Ethernet Controller E810
Published: Feb 10, 2026
Source: NVD
CVE-2025-22885 MEDIUM - 4.7

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirement...

Published: Feb 10, 2026
Source: NVD
CVE-2025-22849 MEDIUM - 6.7

Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user com...

Product: Intel(R) Optane(TM) PMem management software
Published: Feb 10, 2026
Source: NVD
CVE-2025-20106 MEDIUM - 6.7

Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexit...

Product: VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits
Published: Feb 10, 2026
Source: NVD
CVE-2025-20080 MEDIUM - 6.8

Null pointer dereference in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability within Ring 0: Kernel may allow a denial of service. Network adversary with an unauthenticated user combined with a high complexity attack may enable denial of service. This result may potentially occu...

Product: Intel(R) AMT and Intel(R) Standard Manageability
Published: Feb 10, 2026
Source: NVD
CVE-2025-20070 MEDIUM - 6.7

Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexit...

Product: Intel(R) Optane(TM) PMem management software
Published: Feb 10, 2026
Source: NVD
CVE-2026-1602 MEDIUM - 6.5

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Vendor: ivanti
Product: endpoint_manager
Published: Feb 10, 2026
Source: NVD
CVE-2025-70347 MEDIUM - 5.0

An issue in mquickjs before commit 74b7e (2026-01-15) allows a local attacker to cause a denial of service via a crafted file to the get_mblock_size function at mquickjs.c.

Published: Feb 10, 2026
Source: NVD
CVE-2025-68686 MEDIUM - 5.9

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.1, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow a remote unauthenticated attacker to bypass...

Vendor: Fortinet
Product: FortiOS
Published: Feb 10, 2026
Source: NVD
CVE-2025-64157 MEDIUM - 6.7

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0 all versions allows an authenticated admin to execute unauthorized code or commands via specifically crafted configuration.

Vendor: Fortinet
Product: FortiOS
Published: Feb 10, 2026
Source: NVD
CVE-2025-62439 MEDIUM - 4.2

An Improper Verification of Source of a Communication Channel vulnerability [CWE-940] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions may allow an authenticated user with knowledge of FSSO policy configurations to...

Vendor: Fortinet
Product: FortiOS
Published: Feb 10, 2026
Source: NVD
CVE-2025-55018 MEDIUM - 5.8

An inconsistent interpretation of http requests ('http request smuggling') vulnerability in Fortinet FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged ht...

Vendor: Fortinet
Product: FortiOS
Published: Feb 10, 2026
Source: NVD