CVE-2026-35248

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

CVE-2026-35248

creationtimestamp| type| source ---|---|--- 2026-04-22 12:50:28+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jwxg6zh2c...

CVE-2026-35248

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

UBUNTU-CVE-2026-35248

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

CVE-2026-35248

...

CVE-2026-35248

...

CVE-2026-35248

Oracle VM VirtualBox (Core) vulnerability CVE-2026-35248 affects version 7.2.6. The issue is in the Core component and is exploitable by a high-privilege attacker who has logged into the infrastructure where VirtualBox runs, with a local attack vector and no user interaction. Impact includes unau...

KLA90996 Multiple vulnerabilities in Oracle VirtualBox

Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability in Core can be...

MAL-2025-35248 Malicious code in test-mlw2-dunno-fovea (npm)

The package test-mlw2-dunno-fovea was found to contain malicious code...

CVE-2024-35248

creationtimestamp| type| source ---|---|--- 2025-05-16 01:34:36+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16607...

Security Updates for Microsoft Dynamics 365 Business Central (June 2024)

The Microsoft Dynamics 365 Business Central install is missing security updates. It is, therefore, affected by multiple vulnerabilities, including: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2024-35248 - A remote code execution...

CVE-2024-35248 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

...

CVE-2024-35248 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

...

Update 24.1 for Microsoft Dynamics 365 Business Central 2024 Release Wave 1 (Application Build 24.1.19498, Platform Build 24.0.19487)

Update 24.1 for Microsoft Dynamics 365 Business Central 2024 Release Wave 1 Application Build 24.1.19498, Platform Build 24.0.19487 Overview This update replaces previously released updates. You should always install the latest update. This update also fixes vulnerabilities. For more information,...

CVE-2022-35248

A improper authentication vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login...

CVE-2022-35248

Rocket.Chat contains an improper authentication vulnerability (CVE-2022-35248) where enabling CAS during login allows bypass of TOTP 2FA. Affected versions are <5, <4.8.2, and

CVE-2021-35248

creationtimestamp| type| source ---|---|--- 2021-12-21 00:11:29+00:00| seen| https://t.me/cibsecurity/34303...

CVE-2021-35248

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings...

CVE-2021-35248

SolarWinds Orion contains an issue where any authenticated user (including low-privilege or guest accounts) can query Orion.UserSettings and enumerate users and their basic settings. NVD notes impact to confidentiality (partial) with network-accessible exposure; CVSS vectors indicate low attack c...

CVE-2021-35248 Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings...