EUVD-2026-10687

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

CVE-2026-26117

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

CVE-2025-62376

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

DOJO 授权问题漏洞

DOJO is an open source JavaScript toolkit from pwn.college. DOJO suffers from an authorization issue vulnerability that stems from improper authentication of the /workspace endpoint, which could lead to unauthorized access to a Windows virtual machine...

PT-2025-42209

Name of the Vulnerable Software and Affected Versions pwn.college DOJO versions prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef Description The /workspace endpoint in pwn.college DOJO has an improper authentication issue. An attacker can access any active Windows VM without authorization...

EUVD-2024-51182

Malicious code in bioql PyPI...

EUVD-2025-14431

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-14628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to...

CVE-2025-29833

Time-of-check time-of-use toctou race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally...

CVE-2025-29833

Time-of-check time-of-use toctou race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally...

PT-2025-20949 · Microsoft · Windows Virtual Machine Bus +1

Name of the Vulnerable Software and Affected Versions: Windows Virtual Machine Bus affected versions not specified Description: A time-of-check time-of-use toctou race condition exists, allowing an authorized attacker to execute code over a network. This issue enables remote attackers to execute...

Microsoft Windows Virtual Machine 安全漏洞

Microsoft Windows Virtual Machine is a virtualization technology from Microsoft USA. It allows you to run many virtual environments within a Windows environment. A security vulnerability exists in Microsoft Windows Virtual Machine. An attacker exploiting this vulnerability could remotely execute...

CVE-2024-12902

ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. The underlying Windows OS of the product contains high-privilege service accounts. If these accounts use default passwords, attackers could remotely log in to the virtual machine using the default...

CVE-2024-12902

The CVE covers Global Wisdom Software ANCHOR running on a Windows VM, where default passwords on high-privilege Windows service accounts could let an attacker remotely log in to the VM. Public documents confirm the vulnerability vector as remote access via default credentials, driven by OS-level ...

CVE-2024-12902 Global Wisdom Software ANCHOR - Undocumented Privileged Account

ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. The underlying Windows OS of the product contains high-privilege service accounts. If these accounts use default passwords, attackers could remotely log in to the virtual machine using the default...

After importing of an OVF package from a VMware environment Virtual Machine Fails to Boot with STOP 7B or 'Device Does Not Exist'

After importing of an OVF package from a VMware environment, a Windows virtual machine fails with a STOP 0x0000007B error, or a Linux virtual machine does not boot because a device /dev/sda1 for example does not exist. On a Windows virtual machine a STOP 0x0000007B error occurs. On a Linux virtua...