Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2025-48514 Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality. | N/A | NONE | — | 0 |
| CVE-2025-48509 Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory ... | N/A | NONE | — | 0 |
| CVE-2025-29952 Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memor... | N/A | NONE | — | 0 |
| CVE-2025-29951 A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution. | N/A | NONE | — | 0 |
| CVE-2025-29950 Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution. | N/A | NONE | — | 0 |
| CVE-2025-29949 Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially result... | N/A | NONE | — | 0 |
| CVE-2025-29948 Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory inte... | N/A | NONE | — | 0 |
| CVE-2025-29946 Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory. | N/A | NONE | — | 0 |
| CVE-2025-29939 Improper access control in secure encrypted virtualization (SEV) could allow a privileged attacker to write to the reverse map page (RMP) during secure nested paging (SNP) initialization, potentially ... | N/A | NONE | — | 0 |
| CVE-2025-0031 A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting i... | N/A | NONE | — | 0 |
| CVE-2025-0029 Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory i... | N/A | NONE | — | 0 |
| CVE-2025-0012 Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in ... | N/A | NONE | — | 0 |
| CVE-2024-36355 Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execu... | N/A | NONE | — | 0 |
| CVE-2024-36311 A Time-of-check time-of-use (TOCTOU) race condition in the SMM communications buffer could allow a privileged attacker to bypass input validation and perform an out of bounds read or write, potentiall... | N/A | NONE | — | 0 |
| CVE-2024-36310 Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or inte... | N/A | NONE | — | 0 |
| CVE-2024-21953 Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity. | N/A | NONE | — | 0 |
| CVE-2021-26410 Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the k... | N/A | NONE | — | 0 |
| CVE-2021-26381 Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory c... | N/A | NONE | — | 0 |
| CVE-2026-2302 Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from_hash may allow for executing arbitrary Ruby code. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-26009 Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating syst... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-25613 An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-25610 An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-25609 Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only. | 5.4 | MEDIUM | — | 0 |
| CVE-2026-25506 MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daem... | 7.7 | HIGH | — | 0 |
| CVE-2026-21355 DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive info... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21354 DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability t... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21353 DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | — | 0 |
| CVE-2026-21352 DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu... | 7.8 | HIGH | — | 0 |
| CVE-2026-21347 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitatio... | 7.8 | HIGH | — | 0 |
| CVE-2026-21346 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i... | 7.8 | HIGH | — | 0 |
| CVE-2026-21345 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct... | 7.8 | HIGH | — | 0 |
| CVE-2026-21344 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct... | 7.8 | HIGH | — | 0 |
| CVE-2026-21343 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct... | 7.8 | HIGH | — | 0 |
| CVE-2026-21342 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t... | 7.8 | HIGH | — | 0 |
| CVE-2026-21341 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t... | 7.8 | HIGH | — | 0 |
| CVE-2026-1850 Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-1849 MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodical... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-1848 Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies... | 7.5 | HIGH | — | 0 |
| CVE-2026-1847 Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leadi... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-26003 FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin s... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-25993 EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds path / request_path values—derived from the url_key stored in the database... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-25992 SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file... | 7.5 | HIGH | — | 0 |
| CVE-2026-25956 Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect (or reflected XSS... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-25950 Rejected reason: Further research determined the issue is not a vulnerability. | N/A | NONE | — | 0 |
| CVE-2026-25947 Worklenz is a project management tool. Prior to 2.1.7, there are multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controll... | 8.8 | HIGH | — | 0 |
| CVE-2026-25805 Zed is a multiplayer code editor. Prior to 0.219.4, Zed does not show with which parameters a tool is being invoked, when asking for allowance. Further it does not show after the tool was being invoke... | 6.4 | MEDIUM | — | 0 |
| CVE-2026-25728 ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability exists in ClipBucket's avatar and background image up... | 7.5 | HIGH | — | 0 |
| CVE-2026-25646 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists ... | 8.1 | HIGH | — | 0 |
| CVE-2026-25612 The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this rep... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-25611 A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server. | 7.5 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.