305 matches found
CVE-2025-4617
CVE-2025-4617 affects Palo Alto Networks Prisma® Browser on Windows. The vulnerability is an insufficient policy enforcement that lets a locally authenticated non-admin user bypass the browser’s screenshot control feature, potentially exposing sensitive screen content. There are no explicit explo...
Palo Alto Prisma Browser 安全漏洞
Palo Alto Prisma Browser is a secure enterprise browser from Palo Alto USA. A security vulnerability exists in Palo Alto Prisma Browser that stems from insufficient input validation, which could allow locally authenticated, non-administrative users to bypass browser security controls...
Palo Alto Prisma Browser 安全漏洞
Palo Alto Prisma Browser is a secure enterprise browser from Palo Alto USA. A security vulnerability exists in Palo Alto Prisma Browser that stems from insufficient policy enforcement and could allow locally authenticated, non-administrative users to bypass the screenshot control feature...
CVE-2025-34273
Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability that allows non-administrator users to delete global dashboards. The application did not correctly enforce authorization checks for the global dashboard deletion workflow, enabling lower-privileged use...
CVE-2025-34273
Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability that allows non-administrator users to delete global dashboards. The application did not correctly enforce authorization checks for the global dashboard deletion workflow, enabling lower-privileged use...
September 9, 2025—KB5065432 (OS Build 20348.4171)
September 9, 2025—KB5065432 OS Build 20348.4171 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the...
open-vm-tools: Local privilege escalation in open-vm-tools
A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...
EUVD-2020-18817
Malware in sbrugna...
EUVD-2020-27799
Malware in sbrugna...
EUVD-2020-18819
Malware in sbrugna...
EUVD-2025-31400
Malicious code in bioql PyPI...
EUVD-2021-9408
Malicious code in bioql PyPI...
EUVD-2023-1856
Malicious code in bioql PyPI...
EUVD-2024-19405
Malicious code in bioql PyPI...
EUVD-2023-24126
Malicious code in bioql PyPI...
EUVD-2023-42983
Malicious code in bioql PyPI...
EUVD-2023-2483
Malicious code in bioql PyPI...
EUVD-2025-6923
Malicious code in bioql PyPI...
CVE-2025-41244
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...
CVE-2025-41245
CVE-2025-41245 is an information disclosure vulnerability in VMware Aria Operations. The connected CNVD entry explicitly describes a local user with non-administrative privileges leaking other users’ credentials within Aria Operations. The exploit would allow credential disclosure of other Aria O...