| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Securing externally available CAN wires can easily allow physical access to the CAN bus, allowing possible injection of specially formed CAN messages to control remote start functions of the vehicle. Testing completed on Tesla Model 3 vehicles with software version v11.1 (2023.20.9 ee6de92ddac5). This issue affects Model 3: With software versions from 2023.Xx before 2023.44. |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network. |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due to buffer over-read.
Per CWE-126: Buffer Over-read https://cwe.mitre.org/data/definitions/126.html , Buffer Over-read is when a product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
This issue affects EOL ASP.NET 6.0.0 <= 6.0.36 as represented in this CVE, as well as 8.0.0 <= 8.0.11 & <= 9.0.0 as represented in CVE-2025-21176.
Additionally, if you've deployed self-contained applications https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.
NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry. |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally. |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. |
| Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. |
| Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. |
| Transient DOS while processing the tone measurement response buffer when the response buffer is out of range. |
| Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources. |
| Transient DOS while processing a frame with malformed shared-key descriptor. |
| Cryptographic issue may arise because the access control configuration permits Linux to read key registers in TCSR. |
| Memory corruption while processing escape code in API. |
| Information disclosure while opening a fastrpc session when domain is not sanitized. |
| Memory corruption while processing an IOCTL command with an arbitrary address. |
| Information disclosure while handling beacon or probe response frame in STA. |
