CVE List - 2025 / November
Showing 1101 - 1200 of 1779 CVEs for November 2025 (Page 12 of 18)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-41105 | 2025-11-11 | Multiple vulnerabilities in Fairsketch's RISE CRM Framework |
| CVE-2025-41106 | 2025-11-11 | Multiple vulnerabilities in Fairsketch's RISE CRM Framework |
| CVE-2025-10161 | 2025-11-11 | Authentication Bypass in Turkguven's Perfektive |
| CVE-2025-8324 | 2025-11-11 | SQL Injection |
| CVE-2025-9223 | 2025-11-11 | Command Injection |
| CVE-2025-11084 | 2025-11-11 | FactoryTalk® DataMosaix™ Private Cloud – Authentication Bypass |
| CVE-2025-9227 | 2025-11-11 | Stored XSS |
| CVE-2025-11085 | 2025-11-11 | FactoryTalk® DataMosaix™ Private Cloud – Persistent XSS |
| CVE-2025-11862 | 2025-11-11 | Verve Asset Manager Access Control Vulnerability |
| CVE-2025-12101 | 2025-11-11 | Cross-Site Scripting (XSS) |
| CVE-2025-11696 | 2025-11-11 | Studio 5000 ® Simulation Interface SSRF |
| CVE-2025-11697 | 2025-11-11 | Studio 5000 ® Simulation Interface Local Code Execution |
| CVE-2025-11959 | 2025-11-11 | Improper Access Control in Premierturk's Excavation Management Information System |
| CVE-2025-64773 | 2025-11-11 | In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit |
| CVE-2025-10918 | 2025-11-11 | Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk |
| CVE-2025-9408 | 2025-11-11 | Userspace privilege escalation vulnerability on Cortex M |
| CVE-2025-13012 | 2025-11-11 | Race condition in the Graphics component |
| CVE-2025-13013 | 2025-11-11 | Mitigation bypass in the DOM: Core & HTML component |
| CVE-2025-13014 | 2025-11-11 | Use-after-free in the Audio/Video component |
| CVE-2025-13015 | 2025-11-11 | Spoofing issue in Firefox |
| CVE-2025-13021 | 2025-11-11 | Incorrect boundary conditions in the Graphics: WebGPU component |
| CVE-2025-13022 | 2025-11-11 | Incorrect boundary conditions in the Graphics: WebGPU component |
| CVE-2025-13023 | 2025-11-11 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component |
| CVE-2025-13016 | 2025-11-11 | Incorrect boundary conditions in the JavaScript: WebAssembly component |
| CVE-2025-13024 | 2025-11-11 | JIT miscompilation in the JavaScript Engine: JIT component |
| CVE-2025-13025 | 2025-11-11 | Incorrect boundary conditions in the Graphics: WebGPU component |
| CVE-2025-13026 | 2025-11-11 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component |
| CVE-2025-13017 | 2025-11-11 | Same-origin policy bypass in the DOM: Notifications component |
| CVE-2025-13018 | 2025-11-11 | Mitigation bypass in the DOM: Security component |
| CVE-2025-13019 | 2025-11-11 | Same-origin policy bypass in the DOM: Workers component |
| CVE-2025-13020 | 2025-11-11 | Use-after-free in the WebRTC: Audio/Video component |
| CVE-2025-13027 | 2025-11-11 | Memory safety bugs fixed in Firefox 145 and Thunderbird 145 |
| CVE-2025-10905 | 2025-11-11 | Collision in minifilter driver of Avast Free Antivirus results in disabling of real-time protection |
| CVE-2025-13032 | 2025-11-11 | Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow. |
| CVE-2025-23357 | 2025-11-11 | NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability... |
| CVE-2025-12940 | 2025-11-11 | Credentials recorded in logs in NETGEAR WAX610 and WAX610Y |
| CVE-2025-12942 | 2025-11-11 | Improper input validation in NETGEAR R6260 and R6850 |
| CVE-2025-12943 | 2025-11-11 | Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300 |
| CVE-2025-12944 | 2025-11-11 | Improper input validation in NETGEAR DGN2200v4 |
| CVE-2025-23361 | 2025-11-11 | NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of... |
| CVE-2025-33178 | 2025-11-11 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of... |
| CVE-2025-33202 | 2025-11-11 | NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this vulnerability might... |
| CVE-2025-33185 | 2025-11-11 | NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure. A successful exploit of this vulnerability may lead to information disclosure. |
| CVE-2025-33186 | 2025-11-11 | NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, information disclosure, and data tampering. |
| CVE-2025-20010 | 2025-11-11 | Use of unmaintained third party components for some Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with... |
| CVE-2025-20050 | 2025-11-11 | Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-20056 | 2025-11-11 | Improper input validation for some Intel VTune Profiler before version 2025.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-20065 | 2025-11-11 | Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an... |
| CVE-2025-20614 | 2025-11-11 | External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with... |
| CVE-2025-20622 | 2025-11-11 | Sensitive information uncleared in resource before release for reuse for some Intel(R) NPU Drivers for Windows before version 32.0.100.4023 within Ring 3: User Applications may allow an information disclosure. Unprivileged... |
| CVE-2025-22391 | 2025-11-11 | Improper access control for some SigTest before version 6.1.10 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a... |
| CVE-2025-24299 | 2025-11-11 | Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-24307 | 2025-11-11 | Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-24314 | 2025-11-11 | Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with... |
| CVE-2025-24327 | 2025-11-11 | Insecure inherited permissions for some Intel(R) Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated... |
| CVE-2025-24491 | 2025-11-11 | Uncontrolled search path for some Intel(R) Killer(TM) Performance Suite software before version killer 4.0 40.25.509.1465 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with... |
| CVE-2025-24512 | 2025-11-11 | Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Authorized adversary with an authenticated... |
| CVE-2025-24516 | 2025-11-11 | Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with... |
| CVE-2025-24519 | 2025-11-11 | Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined... |
| CVE-2025-24834 | 2025-11-11 | Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an unauthenticated user combined with... |
| CVE-2025-24838 | 2025-11-11 | Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-24842 | 2025-11-11 | Uncontrolled search path for the Intel(R) System Support Utility before version 4.1.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user... |
| CVE-2025-24847 | 2025-11-11 | Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with... |
| CVE-2025-24848 | 2025-11-11 | Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined... |
| CVE-2025-24862 | 2025-11-11 | Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with... |
| CVE-2025-24863 | 2025-11-11 | Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with... |
| CVE-2025-24918 | 2025-11-11 | Improper link resolution before file access ('link following') for some Intel(R) Server Configuration Utility software and Intel(R) Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications... |
| CVE-2025-25059 | 2025-11-11 | Uncontrolled search path for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary... |
| CVE-2025-25216 | 2025-11-11 | Improper input validation in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with... |
| CVE-2025-26402 | 2025-11-11 | Protection mechanism failure for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low... |
| CVE-2025-26405 | 2025-11-11 | Improper control of dynamically-managed code resources for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-26694 | 2025-11-11 | Null pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user... |
| CVE-2025-27246 | 2025-11-11 | Incorrect default permissions for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user... |
| CVE-2025-27249 | 2025-11-11 | Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with... |
| CVE-2025-27710 | 2025-11-11 | Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined... |
| CVE-2025-27711 | 2025-11-11 | Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary... |
| CVE-2025-27712 | 2025-11-11 | Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-27713 | 2025-11-11 | Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined... |
| CVE-2025-27725 | 2025-11-11 | Time-of-check time-of-use race condition for some ACAT before version 3.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with... |
| CVE-2025-30182 | 2025-11-11 | Uncontrolled search path for some Intel(R) Distribution for Python software installers before version 2025.2.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an... |
| CVE-2025-30185 | 2025-11-11 | Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a denial of service and escalation of privilege. System software adversary with a privileged user... |
| CVE-2025-30255 | 2025-11-11 | Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated... |
| CVE-2025-30506 | 2025-11-11 | Uncontrolled search path for some Intel Driver and Support Assistant before version 25.2 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated... |
| CVE-2025-30509 | 2025-11-11 | Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user... |
| CVE-2025-30518 | 2025-11-11 | Incorrect default permissions for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with... |
| CVE-2025-31146 | 2025-11-11 | Time-of-check time-of-use race condition for some Intel Ethernet Adapter Complete Driver Pack software before version 1.5.1.0 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary... |
| CVE-2025-31645 | 2025-11-11 | Uncontrolled search path for some System Event Log Viewer Utility software for all versions within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an... |
| CVE-2025-31647 | 2025-11-11 | Uncontrolled search path for some Intel(R) Graphics Software before version 25.22.1502.2 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-31931 | 2025-11-11 | Uncontrolled search path for the Instrumentation and Tracing Technology API (ITT API) software before version 3.25.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary... |
| CVE-2025-31937 | 2025-11-11 | Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined... |
| CVE-2025-31940 | 2025-11-11 | Incorrect default permissions for some Intel(R) Thread Director Visualizer software before version 1.1.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated... |
| CVE-2025-31948 | 2025-11-11 | Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated... |
| CVE-2025-32001 | 2025-11-11 | Uncontrolled search path for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user... |
| CVE-2025-32037 | 2025-11-11 | Improper access control for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow a denial of service. Network adversary with a privileged user combined with a... |
| CVE-2025-32038 | 2025-11-11 | Uncontrolled search path for some FPGA Support Package for the Intel oneAPI DPC++C++ Compiler software before version 2025.0.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged... |
| CVE-2025-32088 | 2025-11-11 | Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user... |
| CVE-2025-32091 | 2025-11-11 | Incorrect default permissions in some firmware for the Intel(R) Arc(TM) B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user... |
| CVE-2025-32446 | 2025-11-11 | Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user... |
| CVE-2025-32449 | 2025-11-11 | Unquoted search path for some PRI Driver software before version 03.03.1002 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined... |
| CVE-2025-32732 | 2025-11-11 | Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined... |