PT-2025-43962

Name of the Vulnerable Software and Affected Versions Bdtask Wholesale Inventory Control and Inventory Management System versions prior to 20251014 Description A security issue exists in Bdtask Wholesale Inventory Control and Inventory Management System. Manipulation of the first name and last na...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26852)

net/ipv6: possible UAF in ip6routempathnotify. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503716; scriptversion"1.2";...

CVE-2025-59500

Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network...

EUVD-2025-35746

Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network...

Actionable Cybersecurity Notifications for Smart Homes: A User Study on the Role of Length and Complexity

The proliferation of smart home devices has increased convenience but also introduced cybersecurity risks for everyday users, as many devices lack robust security features. Intrusion Detection Systems are a prominent approach to detecting cybersecurity threats. However, their alerts often use...

CVE-2025-59500

Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network...

CVE-2025-59500

CVE-2025-59500 is an elevation-of-privilege issue affecting the Azure Notification Service due to improper access control. The connected documents consistently describe privilege escalation over a network via this service. Affected component is Azure Notification Service; root cause is access-con...

CVE-2025-59500 Azure Notification Service Elevation of Privilege Vulnerability

...

CVE-2025-59500 Azure Notification Service Elevation of Privilege Vulnerability

...

Azure Notification Service Elevation of Privilege Vulnerability

Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network...

KLA89723 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Compute Resource Provider can be exploited...

PT-2025-43563

Name of the Vulnerable Software and Affected Versions Azure Notification Service affected versions not specified Description Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no...

PT-2025-43455

In disassociate of DisassociationProcessor.java, there is a possible way for an app to continue reading notifications when not associated to a companion device due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User...

Microsoft Azure Notification Service 访问控制错误漏洞

Microsoft Azure Notification Service is a notification push service from Microsoft Corporation in the United States. An access control error vulnerability exists in Microsoft Azure Notification Service that stems from improper access control and could lead to elevation of privilege...

PT-2025-43473

In multiple functions of NotificationManagerService.java, there is a possible way to bypass the per-package channel limits causing resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7835-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7835-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

PT-2025-43466

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the Framework component of Android operating systems due to insufficient input validation. Exploitation may allow an attacker to cause a denial of service. Specifically, the...

EUVD-2022-54773

In the Linux kernel, the following vulnerability has been resolved: bonding: fix missed rcu protection When removing the rcureadlock in bondethtoolgettsinfo as discussed 1, I didn't notice it could be called via setsockopt, which doesn't hold rcu lock, as syzbot pointed: stack backtrace: CPU: 0...

USN-7835-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...