EUVD-2025-16023

Malicious code in bioql PyPI...

CVE-2025-20112

CVE-2025-20112 affects multiple Cisco Unified Communications and Contact Center Solutions. Affected component/impact: privilege escalation to root on the device via exploitation of excessive permissions on system commands, leading to escape from restricted shell. Exploitation requires local, auth...

CVE-2025-20112 Cisco Unified Communications Products Privilege Escalation Vulnerability

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attack...

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On Monday, July 29, Microsoft published an extensive threat intelligence blog on observed exploitation of CVE-2024-37085, an Active Directory integration authentication bypass vulnerability affecting Broadcom VMware ESXi hypervisors. The vulnerability, according to Redmond, was identified in...

The vulnerability of the VMX service on the VMware Cloud Foundation virtualization platform and the VMware ESXi hypervisor allows a perpetrator to escalate their privileges.

The vulnerability of the VMX service on the VMware Cloud Foundation and the VMware ESXi hypervisor platform is related to lack of access control mechanisms. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the management tools for virtual infrastructure, such as VMware vCenter Server and VMware ESXi hypervisor, related to authentication deficiencies, allows attackers to cause partial service interruptions.

The vulnerability of the virtual infrastructure management tools VMware vCenter Server and VMware ESXi hypervisor is related to authentication deficiencies. Exploiting this vulnerability can allow a malicious actor to cause partial service disruption from a remote location...

The vulnerability of the management tools for virtual infrastructure, such as VMware vCenter Server and VMware ESXi hypervisor, is related to incorrect session duration settings, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the management tools for virtual infrastructure, such as VMware vCenter Server and VMware ESXi hypervisor, is related to incorrect session duration settings. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protecte...

PT-2019-2188 · Intel +7 · Intel Microprocessors +11

Name of the Vulnerable Software and Affected Versions: Intel microprocessors affected versions not specified vCenter Server affected versions not specified ESXi affected versions not specified Workstation affected versions not specified Fusion affected versions not specified Description: The issu...

The vulnerability of the management tools for virtual infrastructure, such as VMware vCenter Server and VMware ESXi hypervisors, arises from the failure to address sequences of characters CRLF. This allows attackers to control the headers and bodies of HTTP responses, as well as execute cross-site scripting attacks and attacks on intermediate proxy servers.

The vulnerability of the VMware vCenter Server and VMware ESXi hypervisor management infrastructure relates to the lack of measures to neutralize CRLF sequences. User-provided data is appended to HTTP responses without proper processing, allowing arbitrary headers to be inserted into HTTP...

Cisco Nexus 1000v Application Virtual Switch Cisco Discovery Protocol Packet Processing Denial of Service Vulnerability

A vulnerability in Cisco Discovery Protocol packet processing for the Cisco Nexus 1000v Application Virtual Switch AVS could allow an unauthenticated, remote attacker to cause the ESXi hypervisor to crash and display a purple diagnostic screen, resulting in a denial of service DoS condition. The...