8.2
CVE-2025-4422 - EfiSmiServices : EfiPcdProtocol, SMM memory corruption vulnerabilities in SMM module
The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability.Β https://support.lenovo.com/us/en/product_security/home
8.2
CVE-2025-4421 - EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module
The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability.Β https://support.lenovo.com/us/en/product_security/home
5.1
CVE-2025-8217 - Inert Malicious script injected into Amazon Q Developer Visual Studio Code (VS Code) Extension
The Amazon Q Developer Visual Studio Code (VS Code) extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making β¦
7
CVE-2025-25011 - Beats Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the β¦
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentβ¦
7
CVE-2025-0712 - APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when usingβ¦
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentβ¦
0.0
CVE-2025-43191 -
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.
0.0
CVE-2025-43237 -
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination.
0.0
CVE-2025-43197 -
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.
0.0
CVE-2025-43206 -
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to access protected user data.
0.0
CVE-2025-43196 -
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.