Lucene search
K

72 matches found

EUVD
EUVD
added 2026/03/10 6:31 p.m.4 views

EUVD-2026-10687

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2026/03/10 6:18 p.m.5 views

CVE-2026-26117

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00439EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/10 5:5 p.m.2 views

CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability

...

7.8CVSS5.8AI score0.00292EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.5 views

Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability

Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00292EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/10 2:0 p.m.5 views

Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00439EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-21986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily...

7.1CVSS7.1AI score0.00186EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/21 10:24 p.m.5 views

CVE-2026-21986

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

7.1CVSS5.4AI score0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/21 12:31 a.m.7 views

EUVD-2026-3526

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

7.1CVSS5.4AI score0.00186EPSS
Exploits0References2
NVD
NVD
added 2026/01/20 10:16 p.m.17 views

CVE-2026-21986

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

7.1CVSS0.00186EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/01/20 9:56 p.m.4 views

CVE-2026-21986

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

7.1CVSS6.9AI score0.00186EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.6 views

PT-2026-3733

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions 7.1.14 through 7.2.4 Description An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. An unauthenticated attacker with access to the infrastructure where...

7.1CVSS7.4AI score0.00186EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/10/26 12:25 p.m.176 views

Exploit for CVE-2025-62376

Improper Authentication in pwn.college DOJO Education Platform...

9.5CVSS6.7AI score0.00573EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/10/16 9:51 a.m.215 views

Exploit for CVE-2025-62376

CVE-2025-62376: Local Privilege Escalation Exploit for Sudo...

9.5CVSS6.8AI score0.00573EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/10/16 9:50 a.m.18 views

CVE-2025-62376

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS6.9AI score0.00573EPSS
Exploits2References1
NVD
NVD
added 2025/10/14 10:15 p.m.44 views

CVE-2025-62376

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS0.00573EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/10/14 9:58 p.m.6 views

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS6.6AI score0.00573EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/10/14 9:58 p.m.46 views

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS0.00573EPSS
Exploits2References2
OSV
OSV
added 2025/10/14 9:58 p.m.18 views

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS6.9AI score0.00573EPSS
Exploits2References4
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.5 views

DOJO 授权问题漏洞

DOJO is an open source JavaScript toolkit from pwn.college. DOJO suffers from an authorization issue vulnerability that stems from improper authentication of the /workspace endpoint, which could lead to unauthorized access to a Windows virtual machine...

9.5CVSS6.5AI score0.00573EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.11 views

PT-2025-42209

Name of the Vulnerable Software and Affected Versions pwn.college DOJO versions prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef Description The /workspace endpoint in pwn.college DOJO has an improper authentication issue. An attacker can access any active Windows VM without authorization...

9.5CVSS6.9AI score0.00573EPSS
Exploits2References4
Rows per page
Query Builder