61 matches found
EUVD-2025-27310
Malicious code in bioql PyPI...
EUVD-2025-20634
Malicious code in bioql PyPI...
CVE-2025-54108
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-54108
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-54108
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...
CVE-2025-54108
CVE-2025-54108 is a local-elevation-of-privilege in the Windows Capability Access Management Service (camsvc) caused by a race-condition with an improper synchronization of a shared resource. Publicly disclosed in Microsoft’s CVE entry and mirrored in MSRC/KB notes, the vulnerability affects Wind...
CVE-2025-54108 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
...
CVE-2025-54108 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
...
Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...
PT-2025-36850
Name of the Vulnerable Software and Affected Versions: Capability Access Management Service camsvc affected versions not specified Description: A race condition exists within the Capability Access Management Service camsvc due to improper synchronization during concurrent execution using a shared...
The vulnerability of the access controller service allows attackers to exploit the Capability Access Management Service (camsvc) of Windows operating systems, thereby enabling them to increase their privileges.
The vulnerability of the access controller service related to the Capability Access Management Service camsvc on Windows operating systems is associated with competitive access to resources during a “race condition”. Exploiting this vulnerability can allow an attacker to enhance their privileges...
CVE-2025-49690
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an unauthorized attacker to elevate privileges locally...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Circumvention of a security measure - Execution of arbitrary code - Accessin...
CVE-2025-49690
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an unauthorized attacker to elevate privileges locally...
CVE-2025-49690 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
...
CVE-2025-49690
CVE-2025-49690 is a local-privilege-elevation flaw in Windows' Capability Access Management Service (camsvc) caused by race-condition due to improper synchronization. The issue affects camsvc and can lead to elevated privileges on affected Windows builds. The CVE entry cites a local, user‑no‑inte...
CVE-2025-49690 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
...
Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an unauthorized attacker to elevate privileges locally...
PT-2025-28588 · Unknown +1 · Capability Access Management Service +1
Name of the Vulnerable Software and Affected Versions: Capability Access Management Service camsvc affected versions not specified Description: The issue is related to a 'race condition' due to improper synchronization when using a shared resource in the Capability Access Management Service camsv...
Applying Security Engineering to Prompt Injection Security
This seems like an important advance in LLM security against prompt injection: Google DeepMind has unveiled CaMeL CApabilities for MachinE Learning, a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police themselves. Instead, CaMeL treats...