Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.9 views

PT-2025-23025

Warning: High severity vulnerabilities in @Citrix XenServer VM Tools for Windows CVE-2025-27462, CVE-2025-27463, CVE-2025-27464 impact Windows VMs on XenServer 8.4 & Citrix Hypervisor 8.2 CU1 LTSR, risking sandbox escapes. Act now! Patch https://t.co/SF4q8mMyxr...

9.4CVSS7.4AI score0.00158EPSS
Exploits0References31
Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.10 views

PT-2025-23026

Warning: High severity vulnerabilities in @Citrix XenServer VM Tools for Windows CVE-2025-27462, CVE-2025-27463, CVE-2025-27464 impact Windows VMs on XenServer 8.4 & Citrix Hypervisor 8.2 CU1 LTSR, risking sandbox escapes. Act now! Patch https://t.co/SF4q8mMyxr...

9.4CVSS7.4AI score0.00158EPSS
Exploits0References31
NVD
NVD
added 2025/04/25 7:15 p.m.18 views

CVE-2025-3935

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1CVSS0.03292EPSS
Exploits0References3
Circl
Circl
added 2025/04/25 6:46 p.m.12 views

CVE-2025-3935

creationtimestamp| type| source ---|---|--- 2025-04-25 18:46:41+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114400087294337009 2025-04-25 19:07:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13499 2025-04-25 21:30:14+00:00| seen|...

8.1CVSS7.5AI score0.03292EPSS
Exploits0References54
CVE
CVE
added 2025/04/25 6:27 p.m.320 views

CVE-2025-3935

CVE-2025-3935 affects ScreenConnect 25.2.3 and earlier, where ViewState code injection can enable remote code execution if machine keys are compromised. The vulnerability stems from platform-level ViewState handling in ASP.NET Web Forms rather than a ScreenConnect flaw. ScreenConnect 2025.4 patch...

8.1CVSS8.5AI score0.03292EPSS
In wildExploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/25 6:27 p.m.15 views

CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1CVSS8.5AI score0.03292EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/25 6:27 p.m.37 views

CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1CVSS0.03292EPSS
Exploits0References2
Rows per page
Query Builder