3764 matches found
Azure Compute Resource Provider Elevation of Privilege Vulnerability
Server-side request forgery ssrf in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network...
PT-2025-43564
Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description An authorized attacker can elevate privileges over a network due to a server-side request forgery issue in Azure Compute Gallery. This allows for potential misuse of network...
KLA89723 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Compute Resource Provider can be exploited...
Microsoft Azure Compute Gallery 代码问题漏洞
Microsoft Azure Compute Gallery is a service for managing virtual machines from Microsoft Corporation in the United States. A code issue vulnerability exists in Microsoft Azure Compute Gallery that stems from server-side request forgery and could lead to an authorized attacker to elevate privileg...
Microsoft Azure Elevation of Privilege Vulnerability (CNVD-2025-29349)
Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. A security vulnerability exists in Microsoft Azure Compute Gallery, which can be exploited by an attacker to elevate privileges...
EUVD-2025-34679
go-witness is Vulnerable to Improper Verification of AWS EC2 Identity Documents...
CVE-2025-62375 go-witness Improper Verification of AWS EC2 Identity Documents
go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is not present or is...
USN-7801-3 linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7801-3: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
go-witness 信任管理问题漏洞
go-witness is a Golang library open-sourced by in-toto. A trust management issue vulnerability exists in go-witness version 0.8.6 and earlier, which stems from the AWS attestor not properly validating AWS EC2 instance identity documents, which could lead to the acceptance of forged identity...
CVE-2025-59292
CVE-2025-59292 affects Confidential Azure Container Instances. External control of a file name or path in this component can let an authorized attacker elevate privileges locally. The CVE is corroborated by multiple sources in the Connected Documents (Microsoft MSRC entry, EU/NCSC/MSS intel, and ...
CVE-2025-59292 Azure Compute Gallery Elevation of Privilege Vulnerability
...
CVE-2025-59292 Azure Compute Gallery Elevation of Privilege Vulnerability
...
Azure Compute Gallery Elevation of Privilege Vulnerability
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally...
Virtuozzo Hybrid Infrastructure 6.2 Update 1 Hotfix 7 (6.2.1-97)
This update provides stability fixes and support for cumulative updates. Clusters running version 6.2.1 or later can now upgrade directly to the latest available version in a single step. Vulnerability id: VSTOR-91715 Failed to retry updating the kernel. Vulnerability id: VSTOR-93149, VSTOR-10082...
KLA89270 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...
Virtuozzo Hybrid Infrastructure 6.3 Update 1 Hotfix 3 (6.3.1-133)
This update provides stability fixes and support for cumulative updates. Clusters running version 6.3.1 or later can now upgrade directly to the latest available version in a single step. Vulnerability id: VSTOR-105770 A stability fix for vstorage-mount. Vulnerability id: VSTOR-104585, VSTOR-1065...
Microsoft Azure 安全漏洞
Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. A security vulnerability exists in Microsoft Azure Compute Gallery, which can be exploited by an attacker to elevate privileges...
CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...
CVE-2025-0636
CVE-2025-0636 affects Ericsson RAN Compute and Ericsson Site Controller (EMCLI). The issue is a high-severity vulnerability arising from improper neutralization of special elements used in an OS command, potentially enabling Arbitrary Code Execution. The publicly documented details across multipl...