72 matches found
EUVD-2026-10687
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-26117
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
...
Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally...
Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
Linux Distros Unpatched Vulnerability : CVE-2026-21986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily...
CVE-2026-21986
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
EUVD-2026-3526
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2026-21986
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2026-21986
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
PT-2026-3733
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions 7.1.14 through 7.2.4 Description An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. An unauthenticated attacker with access to the infrastructure where...
Exploit for CVE-2025-62376
Improper Authentication in pwn.college DOJO Education Platform...
Exploit for CVE-2025-62376
CVE-2025-62376: Local Privilege Escalation Exploit for Sudo...
CVE-2025-62376
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
CVE-2025-62376
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
DOJO 授权问题漏洞
DOJO is an open source JavaScript toolkit from pwn.college. DOJO suffers from an authorization issue vulnerability that stems from improper authentication of the /workspace endpoint, which could lead to unauthorized access to a Windows virtual machine...
PT-2025-42209
Name of the Vulnerable Software and Affected Versions pwn.college DOJO versions prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef Description The /workspace endpoint in pwn.college DOJO has an improper authentication issue. An attacker can access any active Windows VM without authorization...