11901 matches found
EUVD-2025-34185
An authentication bypass security issue exists within FactoryTalk View Machine Edition Web Browser ActiveX control. Exploitation of this vulnerability allows unauthorized access to the PanelView Plus 7 Series B, including access to the file system, retrieval of diagnostic information, event logs,...
DOJO Authorization Issue Vulnerability
DOJO is an open source JavaScript toolkit from pwn.college. DOJO suffers from an authorization issue vulnerability that stems from improper authentication of the /workspace endpoint, which could lead to unauthorized access to a Windows virtual machine...
KLA89270 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...
PT-2025-41994
Name of the Vulnerable Software and Affected Versions: Azure Connected Machine Agent (affected versions not specified). Description: An improper access control issue exists in the Azure Connected Machine Agent. An attacker with local access can elevate privileges. This could lead to gaining...
PT-2025-42060
Name of the Vulnerable Software and Affected Versions: Azure Connected Machine Agent (affected versions not specified). Description: An improper access control issue exists in the Azure Connected Machine Agent. A successful exploit could allow a local attacker to gain elevated privileges...
PT-2025-42209
Name of the Vulnerable Software and Affected Versions: pwn.college DOJO versions prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef. Description: The /workspace endpoint in pwn.college DOJO has an improper authentication issue. An attacker can access any active Windows VM without authorization...
Security Updates for Azure Connected Machine Agent < 1.56 (October 2025)
The Microsoft Azure Connected Machine Agent installation on the remote host is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead...
Microsoft Azure Connected Machine Agent Access Control Error Vulnerability
Microsoft Azure Connected Machine Agent is an agent from Microsoft Corporation (USA) for managing Windows and Linux computers hosted outside of Azure on a corporate network or other cloud provider. An access control error vulnerability exists in Microsoft Azure Connected Machine Agent, which stems fr...
Microsoft Azure Connected Machine Agent Access Control Error Vulnerability
Microsoft Azure Connected Machine Agent is an agent from Microsoft Corporation (USA) for managing Windows and Linux computers hosted outside of Azure on a corporate network or other cloud provider. An access control error vulnerability exists in Microsoft Azure Connected Machine Agent, which stems fr...
Rockwell Automation FactoryTalk View Machine Edition Security Vulnerability
Rockwell Automation FactoryTalk View Machine Edition is a multifunctional HMI application from Rockwell Automation, Inc. A security vulnerability exists in Rockwell Automation FactoryTalk View Machine Edition that originates from an unauthenticated attacker being able to delete arbitrary files fr...
kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVM_SET_VCPU_EVENTS even if having at least...
Malicious code in scr-file-theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e14437e272ed4d4e6bb48ac4f6b3e3cce3f5838363b09ec1e6e95400dd5812d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EBM Uniweb/SoliPACS WebServer Access Control Error Vulnerability
EBM Uniweb/SoliPACS WebServer is a medical image archiving and communication system from Enterprise Business Machine (EBM), Inc. of Taiwan, China. An access control error vulnerability exists in the EBM Uniweb/SoliPACS WebServer that stems from a lack of authentication, which could allow an...
EBM Uniweb/SoliPACS WebServer Access Control Error Vulnerability
EBM Uniweb/SoliPACS WebServer is a medical image archiving and communication system from Enterprise Business Machine (EBM), Inc. of Taiwan, China. An access control error vulnerability exists in the EBM Uniweb/SoliPACS WebServer that stems from a lack of authentication and could allow an...
RMPocalypse: How a Catch-22 Breaks AMD SEV-SNP
This paper presents RMPocalypse, a novel attack that shows a critical gap in the security of RMP initialization, wherein the x86 cores maliciously control parts of the initial RMP state. The analysis shows that the vulnerability arises due to the complex, but insufficient, interplay of multiple...
Updated open-vm-tools package fixes security vulnerability
It was discovered that open-vm-tools contains a local privilege escalation vulnerability. A malicious actor with non-administrative privileges on a guest VM may exploit this vulnerability to escalate privileges to root on the same VM (CVE-2025-41244)...
PT-2025-49057
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to Transparent Huge Pages (THP). When memory error injection occurs on a THP mapped to userspace, the kernel can panic instead of terminating the...
EUVD-2025-33777
Happy DOM: VM Context Escape can lead to Remote Code Execution...
MAL-2025-48308 Malicious code in vite-plugin-es6-babel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04fac94db34a750bac1ae88f46269718450d383d01b84a102872d0a2f6748918 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
KVM: arm64: Don't retire aborted MMIO instruction
...