14 matches found
Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark
In this article 1. AI-powered vulnerability discovery at hyper-scale 2. Codename: MDASH—Microsoft Security’s new multi-model agentic scanning harness 3. Using codename MDASH for security research 4. The 5.12.2026 Patch Tuesday cohort 5. Two deep dives 1. CVE-2026-33827—Remote unauthenticated UAF ...
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
EUVD-2025-205370
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
CVE-2023-53946
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level...
CVE-2023-53946
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level...
EUVD-2025-204607
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level...
CVE-2023-53946 Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path Privilege Escalation
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level...
CVE-2023-53946
Affected software: Arcsoft PhotoStudio 6.0.0.172. Vulnerability: unquoted service path in the ArcSoft Exchange Service that can be exploited by local attackers to escalate privileges by placing a malicious executable in the unquoted path, triggering code execution with system-level permissions. I...
Arcsoft PhotoStudio 代码问题漏洞
Arcsoft PhotoStudio is an image editing software from China's Arcsoft Corporation. A code issue vulnerability exists in Arcsoft PhotoStudio version 6.0.0.172, which stems from the presence of unquoted service paths to the ArcSoft Exchange Service, which could lead to elevation of privilege...
PT-2025-52517
Name of the Vulnerable Software and Affected Versions Arcsoft PhotoStudio version 6.0.0.172 Description Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability within the ArcSoft Exchange Service. This allows local attackers to potentially escalate privileges. Specifically,...
Description of the security update for Microsoft Exchange Server 2013: March 8, 2022 (KB5010324)
Description of the security update for Microsoft Exchange Server 2013: March 8, 2022 KB5010324 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE:CVE-2022-23277 |...
F*EX 20111129-2 Cross Site Scripting Vulnerability
------------------------------------------------------------------------ FEX 20111129-2 Cross Site Scripting Vulnerability ------------------------------------------------------------------------ title.............: FEX 20111129-2 Cross Site Scripting Vulnerabilities author............: muuratsal...