Quartus Prime Pro CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-14596	1 Altera	1 Quartus Prime Pro	2026-01-08	6.7 Medium
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.
CVE-2025-14605	1 Altera	1 Quartus Prime Pro	2026-01-08	6.7 Medium
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.
CVE-2025-14612	1 Altera	1 Quartus Prime Pro	2026-01-08	6.7 Medium
Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1.
CVE-2025-13668	1 Altera	1 Quartus Prime Pro	2025-12-18	6.7 Medium
A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalation of privilege.
CVE-2025-13663	1 Altera	1 Quartus Prime Pro	2025-12-12	6.7 Medium
Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists.

Page 1 of 1.