7 matches found
PT-2025-23025
Warning: High severity vulnerabilities in @Citrix XenServer VM Tools for Windows CVE-2025-27462, CVE-2025-27463, CVE-2025-27464 impact Windows VMs on XenServer 8.4 & Citrix Hypervisor 8.2 CU1 LTSR, risking sandbox escapes. Act now! Patch https://t.co/SF4q8mMyxr...
PT-2025-23026
Warning: High severity vulnerabilities in @Citrix XenServer VM Tools for Windows CVE-2025-27462, CVE-2025-27463, CVE-2025-27464 impact Windows VMs on XenServer 8.4 & Citrix Hypervisor 8.2 CU1 LTSR, risking sandbox escapes. Act now! Patch https://t.co/SF4q8mMyxr...
CVE-2025-3935
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...
CVE-2025-3935
creationtimestamp| type| source ---|---|--- 2025-04-25 18:46:41+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114400087294337009 2025-04-25 19:07:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13499 2025-04-25 21:30:14+00:00| seen|...
CVE-2025-3935
CVE-2025-3935 affects ScreenConnect 25.2.3 and earlier, where ViewState code injection can enable remote code execution if machine keys are compromised. The vulnerability stems from platform-level ViewState handling in ASP.NET Web Forms rather than a ScreenConnect flaw. ScreenConnect 2025.4 patch...
CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...
CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...