CVE | THREATINT

Welcome

This is a free service provided by THREATINT. It is hosted in Europe

It contains information on publicly disclosed cyber security vulnerabilities based on data from the CVE® Program, please see the official CVE website and CVE List V5 on GitHub. Whenever applicable we also show information from the Known Exploited Vulnerabilities Catalog provided by US CISA as the authoritative source of vulnerabilities that have been exploited in the wild.

New

CVE-2025-54519: A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

CVE-2023-31323: Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety violation potentially resulting in loss of confidentiality, integrity, or availability.

CVE-2024-36319: Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.

CVE-2023-20601: Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.

CVE-2025-52533: Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.

Updated

CVE-2024-36319: Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system.

CVE-2025-7195: Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd: Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.1...

CVE-2026-20625: A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to access sensitive user data.

CVE-2024-36355: Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.

CVE-2026-20605: The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to crash a system process.

CISA Known Exploited Vulnerabilities

CVE-2026-21519 Microsoft Windows: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21513 Microsoft Windows: Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525 Microsoft Windows: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21514 Microsoft Office: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21533 Microsoft Windows: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

Additional information

EUVD (European Union Vulnerability Database) is maintained by ENISA (European Union Agency for Cybersecurity), under the European Union’s regulatory umbrella, serving as a centralized platform for vulnerability reporting specifically aligned with the EU’s legal frameworks such as NIS2 and the Cyber Resilience Act (CRA)

EUVD complements the CVE system by aggregating CVE data, but also assigns its own EUVD IDs to vulnerabilities, offers enriched metadata tailored for EU policies and compliance, and may highlight vulnerabilities particularly relevant to the European market.

Most vulnerabilities catalogued in EUVD will have both a CVE-ID and an EUVD-ID, acting as cross-references.

euvd.enisa.europa.eu

Source: media.ccc.de/v/eh22-138-panic-at-the-cve-o-theque.

A big "thank you" goes to @pennylane.

help @ threatint.eu