October Top Security Vulnerabilities (CVE Report)
Top CVE's report for month of October2025
October Top Vulnerabilities Overview
In October, multiple critical and high severity vulnerabilities were disclosed, including remote code execution flaws in widely used services, authentication bypass weaknesses, privilege escalation in operating systems, and SQL injection in web applications. These vulnerabilities pose significant risk of full system compromise, unauthorized access, or data breach if not promptly patched.
| NAME | CVE ID | Criticality | CVSS SCORE | Description | Reference Link |
|---|---|---|---|---|---|
| Azure Bot Service Elevation of Privilege Vulnerability | CVE-2025-55244 | Critical | 9 | Azure Bot Service Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-55244 |
| Azure Networking Elevation of Privilege Vulnerability | CVE-2025-54914 | Critical | 10 | Azure Networking Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-54914 |
| Azure Entra ID Elevation of Privilege Vulnerability | CVE-2025-55241 | Critical | 10 | Azure Entra ID Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-55241 |
| Azure Entra ID Elevation of Privilege Vulnerability | CVE-2025-59218 | Critical | 9.6 | Azure Entra ID Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59218 |
| Azure Entra ID Elevation of Privilege Vulnerability | CVE-2025-59246 | Critical | 9.8 | Azure Entra ID Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59246 |
| Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability | CVE-2025-55232 | Critical | 9.8 | Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55232 |
| Oracle E-Business Suite Unspecified Vulnerability | CVE-2025-61882 | Critical | 9.8 | Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Concurrent Processing. Successful attacks of this vulnerability can result in takeover of Oracle Concurrent Processing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | https://www.cve.org/CVERecord?id=CVE-2025-61882 |
| Windows Server Update Service allows an unauthorized attacker to execute code over a network. | CVE-2025-59287 | Critical | 9.8 | Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. | https://nvd.nist.gov/vuln/detail/CVE-2025-59287 |
| Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability | CVE-2025-55238 | High | 7.5 | Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-55238 |
| Windows NTLM Elevation of Privilege Vulnerability | CVE-2025-54918 | High | 8.8 | Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54918 |
| Windows Graphics Component Remote Code Execution Vulnerability | CVE-2025-55228 | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55228 |
| Graphics Kernel Remote Code Execution Vulnerability | CVE-2025-55236 | High | 7.3 | Time-of-check time-of-use (toctou) race condition in Graphics Kernel allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55236 |
| Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2025-53800 | High | 7.8 | No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-53800 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-54910 | High | 8.4 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54910 |
| Windows Hyper-V Remote Code Execution Vulnerability | CVE-2025-55224 | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55224 |
| Azure PlayFab Elevation of Privilege Vulnerability | CVE-2025-59247 | High | 8.8 | Azure PlayFab Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59247 |
| Azure Monitor Log Analytics Spoofing Vulnerability | CVE-2025-55321 | High | 8.7 | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an authorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55321 |
| Redis Enterprise Elevation of Privilege Vulnerability | CVE-2025-59271 | High | 8.7 | Redis Enterprise Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59271 |
| Windows NTFS Remote Code Execution Vulnerability | CVE-2025-54916 | High | 7.8 | Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54916 |
| Windows Graphics Component Remote Code Execution Vulnerability | CVE-2025-54919 | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54919 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-54106 | High | 8.8 | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54106 |
| Agentic AI and Visual Studio Code Remote Code Execution Vulnerability | CVE-2025-55319 | High | 8.8 | Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55319 |
| GitHub Copilot and Visual Studio Remote Code Execution Vulnerability | CVE-2025-53773 | High | 7.8 | Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-53773 |
| OmniParser Remote Code Execution Vulnerability | CVE-2025-55322 | High | 7.3 | Binding to an unrestricted ip address in GitHub allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55322 |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVE-2025-59251 | High | 7.6 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |
| Active Directory Domain Services Elevation of Privilege Vulnerability | CVE-2025-21293 | high | 8.8 | Active Directory Domain Services Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-21293 |
| Windows BitLocker Elevation of Privilege Vulnerability | CVE-2025-54912 | High | 7.8 | Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54912 |
| Windows BitLocker Elevation of Privilege Vulnerability | CVE-2025-54911 | High | 7.3 | Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally | https://www.cve.org/CVERecord?id=CVE-2025-54911 |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability | CVE-2025-54093 | High | 7 | Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54093 |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | CVE-2025-49692 | High | 7.8 | Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-49692 |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | CVE-2025-55316 | High | 7.8 | External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-55316 |
| PowerShell Direct Elevation of Privilege Vulnerability | CVE-2025-49734 | High | 7 | Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-49734 |
| Windows Bluetooth Service Elevation of Privilege Vulnerability | CVE-2025-59220 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59220 |
| Windows Bluetooth Service Elevation of Privilege Vulnerability | CVE-2025-53802 | High | 7 | Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-53802 |
| Microsoft OfficePlus Spoofing Vulnerability | CVE-2025-55243 | High | 7.5 | Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an unauthorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55243 |
| Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | CVE-2025-54114 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to deny service locally. | https://www.cve.org/CVERecord?id=CVE-2025-54114 |
| HTTP.sys Denial of Service Vulnerability | CVE-2025-53805 | High | 7.5 | Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network. | https://www.cve.org/CVERecord?id=CVE-2025-53805 |
| Microsoft PowerPoint Remote Code Execution Vulnerability | CVE-2025-54908 | High | 7.8 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54908 |
| Microsoft Office Visio Remote Code Execution Vulnerability | CVE-2025-54907 | High | 7.8 | Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54907 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-54906 | High | 7.8 | Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54906 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-54896 | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54896 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-54900 | High | 7.8 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54900 |
| Privilege Escalation in Microsoft Windows SMB Client | CVE-2025-33073 | High | 8.8 | Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | https://nvd.nist.gov/vuln/detail/CVE-2025-33073 |
| Veeam Agent for Microsoft Windows Link Following Local Privilege Escalation Vulnerability | CVE-2025-48982 | High | 7.3 | This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a system administrator is tricked into restoring a malicious file. | https://www.cve.org/CVERecord?id=CVE-2025-48982 |
| Oracle VirtualBox VMSVGA Integer Overflow Local Privilege Escalation Vulnerability | CVE-2025-62589 | High | 8.2 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | https://www.cve.org/CVERecord?id=CVE-2025-62589 |
| Oracle VirtualBox USB Use-After-Free Local Privilege Escalation Vulnerability | CVE-2025-62641 | High | 8.2 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | https://www.cve.org/CVERecord?id=CVE-2025-62641 |
| Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability | CVE-2025-62590 | High | 8.2 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | https://www.cve.org/CVERecord?id=CVE-2025-62590 |
| Oracle VirtualBox VMSVGA Integer Underflow Local Privilege Escalation Vulnerability | CVE-2025-62588 | High | 8.2 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | https://www.cve.org/CVERecord?id=CVE-2025-62588 |
| Removal of Agere Modem Driver (ltmdm64.sys) in October Windows Update | CVE-2025-24052 | High | 7.8 | Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware. | https://nvd.nist.gov/vuln/detail/CVE-2025-24052 |
| Vulnerable Agere Modem Driver Removed from Windows | CVE-2025-24990 | High | 7.8 | Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware. | https://nvd.nist.gov/vuln/detail/CVE-2025-24990 |
| Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. | CVE-2025-59230 | High | 7.8 | Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. | https://nvd.nist.gov/vuln/detail/CVE-2025-59230 |
| Microsoft Office allows an unauthorized attacker to execute code locally. | CVE-2025-59227, CVE-2025-59234 | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | https://nvd.nist.gov/vuln/detail/CVE-2025-59227 https://nvd.nist.gov/vuln/detail/CVE-2025-59234 |
| Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | CVE-2025-55680 | High | 7 | Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | https://nvd.nist.gov/vuln/detail/CVE-2025-55680 |
| Microsoft Windows TAR File Parsing NTLM Relay Vulnerability | CVE-2025-59284 | Low | 3.3 | Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally. | https://www.cve.org/CVERecord?id=CVE-2025-59284 |
| Windows Hyper-V Remote Code Execution Vulnerability | CVE-2025-48807 | Medium | 6.7 | Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-48807 |
| Xbox Certification Bug Copilot Djando Information Disclosure Vulnerability | CVE-2025-55242 | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized attacker to disclose information over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55242 |
| Graphics Kernel Remote Code Execution Vulnerability | CVE-2025-55226 | Medium | 6.7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55226 |
| Windows Imaging Component Information Disclosure Vulnerability | CVE-2025-53799 | Medium | 5.5 | Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-53799 |
| M365 Copilot Spoofing Vulnerability | CVE-2025-59252 | Medium | 6.5 | M365 Copilot Spoofing Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59252 |
| Copilot Spoofing Vulnerability | CVE-2025-59272 | Medium | 6.5 | Copilot Spoofing Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59272 |
| Copilot Spoofing Vulnerability | CVE-2025-59286 | Medium | 6.5 | Copilot Spoofing Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59286 |
| Windows SMB Client Remote Code Execution Vulnerability | CVE-2025-54101 | Medium | 4.8 | Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54101 |
| Windows Defender Firewall Service Elevation of Privilege Vulnerability | CVE-2025-54915 | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54915 |
| Windows Defender Firewall Service Elevation of Privilege Vulnerability | CVE-2025-54109 | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54109 |
| Windows Defender Firewall Service Elevation of Privilege Vulnerability | CVE-2025-54104 | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally | https://www.cve.org/CVERecord?id=CVE-2025-54104 |
| MapUrlToZone Security Feature Bypass Vulnerability | CVE-2025-54917 | Medium | 4.3 | Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54917 |
| MapUrlToZone Security Feature Bypass Vulnerability | CVE-2025-54107 | Medium | 4.3 | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54107 |
| Microsoft Windows File Explorer Spoofing Vulnerability | CVE-2025-50154 | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-50154 |
| Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | CVE-2025-53809 | Medium | 6.5 | Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. | https://www.cve.org/CVERecord?id=CVE-2025-53809 |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | CVE-2025-29954 | Medium | 5.9 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | https://www.cve.org/CVERecord?id=CVE-2025-29954 |
| Cisco Snort process_mime_body Out-Of-Bounds Read Information Disclosure Vulnerability | CVE-2025-20359 | Medium | 6.5 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in the logic of buffer handling when the MIME fields of the HTTP header are parsed. This can result in a buffer under-read. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection that is parsed by Snort 3. A successful exploit could allow the attacker to induce one of two possible outcomes: the unexpected restarting of the Snort 3 Detection Engine, which could cause a denial of service (DoS) condition, or information disclosure of sensitive information in the Snort 3 data stream. Due to the under-read condition, it is possible that sensitive information that is not valid connection data could be returned. | https://www.cve.org/CVERecord?id=CVE-2025-20359 |
| Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability | CVE-2025-62591 | Medium | 6 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). | https://www.cve.org/CVERecord?id=CVE-2025-62591 |
| Oracle VirtualBox Virtio-net Uninitialized Memory Information Disclosure Vulnerability | CVE-2025-61759 | Medium | 6.5 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). | https://www.cve.org/CVERecord?id=CVE-2025-61759 |
| AMD CVE-2025-0033: RMP Corruption During SNP Initialization | CVE-2025-0033 | Medium | 6 | CVE-2025-0033 is an attack against AMD processors that support Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) by exploiting incomplete protections in the Reverse Map Table, or RMP. The vulnerability has been named RMPocalypse. | |
| evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability | CVE-2025-12489 | 7.8 | This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the openBrowser function. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. | https://www.zerodayinitiative.com/advisories/ZDI-25-983/ |