Security Vulnerabilities
Uncontrolled search path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-11-11
External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-11-11
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit
CVSS Score
2.7
EPSS Score
0.0
Published
2025-11-11
Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-11-11
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-11
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-11
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-11
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-11
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-11