40359 matches found
PT-2025-46392
Name of the Vulnerable Software and Affected Versions Intel® CIP software versions prior to WIN DCA 2.4.0.11001 Description A protection mechanism failure exists in some Intel® CIP software. This issue, occurring within Ring 3: User Applications, may allow an information disclosure. An unprivilege...
PT-2025-46396
Name of the Vulnerable Software and Affected Versions Intel® CIP software versions prior to WIN DCA 2.4.0.11001 Description A protection mechanism failure exists in some Intel® CIP software. This issue, occurring within Ring 3: User Applications, may allow an unprivileged software adversary with ...
PT-2025-46482
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A privilege context switching error exists within Windows Administrator Protection. This error allows an authorized attacker to elevate privileges locally. Recommendations At the moment, ther...
Gen Digital Free Antivirus Security Vulnerability
Gen Digital Free Antivirus is an antivirus software from Gen Digital, Inc. A security vulnerability exists in Gen Digital Free Antivirus versions prior to 25.9, which stems from a conflict in the MiniFilter driver that could cause a local attacker to disable real-time protection and self-defense...
Intel Slim Bootloader Security Vulnerability
Intel Slim Bootloader is a lightweight secure boot solution from Intel Corporation USA designed for the Intel platform. A security vulnerability exists in Intel Slim Bootloader that stems from a failure of the UEFI firmware protection mechanism, which could lead to elevated privileges...
Microsoft Windows Code Issue Vulnerability
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Windows Administrator Protection. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are...
PT-2025-46350
Name of the Vulnerable Software and Affected Versions Avast Free Antivirus versions prior to 25.9 Description A collision in the MiniFilter driver within Avast Free Antivirus can allow a local attacker with administrative privileges to disable real-time protection and self-defense mechanisms. The...
WordPress Plugin FunnelKit Automations Information Disclosure Vulnerability
WordPress is a blogging platform developed in PHP. It can be used to set up a personal blog site on a server running PHP and MySQL. A WordPress plugin is an application add-on. An information disclosure vulnerability exists in the WordPress plugin FunnelKit Automations,...
Siemens Software Center and Solid Edge
SUMMARY Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest...
Siemens COMOS
SUMMARY COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...
ROS-20251111-07
A vulnerability in the Downloads component of the Google Chrome and Microsoft Edge browsers is related to a false representation of critical information by the user interface. Exploitation of the vulnerability could allow an attacker...
EUVD-2025-44060
Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Management System. The User Management module delete-user.php allows remote attackers to delete arbitrary user accounts via forged cross-origin GET requests because the endpoint relies solely on session cookies and lacks CSRF...
EUVD-2025-44061
The sendmessage.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery (CSRF). The application does not implement any CSRF-protection mechanisms such as tokens, nonces, or same-site cookie restrictions. An attacker can create a malicious HTML page tha...
Incident Response Team (ShieldForce) Partners with AccuKnox for Zero Trust CNAPP in Latin America
Menlo Park, CA, USA, 10th November 2025, CyberNewsWire...
Advisory ROSA-SA-2025-3058
Software: libxslt 1.1.32 OS: ROSA Virtualization 3.1 unaffected versions = libxslt-1.1.32-6.3.rv31 affected versions libxslt-1.1.32-6.3.rv31 CVE-ID: CVE-2023-40403 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libxslt library of the iPadOS, tvOS, iOS, watchOS, macOS operating system is...
kernel: x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
SourceCodester Simple Public Chat Room Security Vulnerability
SourceCodester Simple Public Chat Room is a simple open-source public chat room application from SourceCodester. A security vulnerability exists in SourceCodester Simple Public Chat Room version 1.0, which stems from the sendmessage.php endpoint not implementing a CSRF protection mechanism, which could...