337 matches found
CVE-2025-68334 platform/x86/amd/pmc: Add support for Van Gogh SoC
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally non-X SoC features a similar architecture to the Steam Deck. While the Steam Deck supports S3 s2idle causes a crash, this support was dropped by the Xbox Ally...
CVE-2025-68334
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally non-X SoC features a similar architecture to the Steam Deck. While the Steam Deck supports S3 s2idle causes a crash, this support was dropped by the Xbox Ally...
Malicious code in xbox-bottomnav (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 956281b4efe244dbc01ea826196ee41b5cca6af75d50aa903ecfc4ab5bac134b The package xbox-bottomnav was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-203893
Malicious code in xbox-bottomnav npm...
MAL-2025-192604 Malicious code in xbox-bottomnav (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 956281b4efe244dbc01ea826196ee41b5cca6af75d50aa903ecfc4ab5bac134b The package xbox-bottomnav was found to contain malicious code. Source: ossf-package-analysis...
Microsoft Outage Hits Azure, 365, Xbox, Minecraft and More
A major Microsoft outage has disrupted Azure, Microsoft 365, Xbox, and Minecraft worldwide after a configuration failure, with services now gradually recovering...
CVE-2025-59281
Improper link resolution before file access 'link following' in XBox Gaming Services allows an authorized attacker to elevate privileges locally...
CVE-2025-53768
Use after free in Xbox allows an authorized attacker to elevate privileges locally...
EUVD-2025-34366
Improper link resolution before file access 'link following' in XBox Gaming Services allows an authorized attacker to elevate privileges locally...
EUVD-2025-34348
Use after free in Xbox allows an authorized attacker to elevate privileges locally...
CVE-2025-59281
Improper link resolution before file access 'link following' in XBox Gaming Services allows an authorized attacker to elevate privileges locally...
CVE-2025-59281
Improper link resolution before file access 'link following' in XBox Gaming Services allows an authorized attacker to elevate privileges locally...
CVE-2025-53768
Use after free in Xbox allows an authorized attacker to elevate privileges locally...
CVE-2025-53768
Use after free in Xbox allows an authorized attacker to elevate privileges locally...
CVE-2025-53768
CVE-2025-53768 corresponds to an Xbox-related vulnerability in the IStorageService component, described as a use-after-free that enables an authorized attacker to elevate privileges locally. The connected NCSC advisory references this CVE as an Xbox issue with impact class “Obtaining Increased Ri...
CVE-2025-53768 Xbox IStorageService Elevation of Privilege Vulnerability
...
CVE-2025-53768 Xbox IStorageService Elevation of Privilege Vulnerability
...
CVE-2025-59281 Xbox Gaming Services Elevation of Privilege Vulnerability
...
CVE-2025-59281 Xbox Gaming Services Elevation of Privilege Vulnerability
...
CVE-2025-59281
Xbox Gaming Services suffers an elevation of privilege via improper link resolution before file access ("link following"). An authorized local attacker can escalate to higher privileges. CVSSv3.1 base score 7.8 (HIGH); attack vector LOCAL, privileges required LOW, no user interaction. Remediation...