Security Bulletin: Multiple Vulnerabilities in VMware ESXi affect IBM Cloud Pak System

Summary Vulnerabilities in VMware ESXi affect IBM Cloud Pak System. IBM Cloud Pak System has addressed vulnerabilities. Cloud Pak Sytem has delivered updated workload nodes to VMware ESXi 83U3g. Vulnerability Details CVEID:CVE-2025-41236 DESCRIPTION: VMware ESXi, Workstation, and Fusion contain a...

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. Microsoft Windows suffers from a resource management error vulnerability. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...

CVE-1999-0094

AIX piodmgrsu command allows local users to gain additional group privileges...

EUVD-1999-1371

Malware in sbrugna...

EUVD-1999-0435

Malware in sbrugna...

EUVD-2012-4021

Malware in sbrugna...

EUVD-2018-1045

Malware in sbrugna...

EUVD-2024-25280

Malicious code in bioql PyPI...

EUVD-2023-31327

Malicious code in bioql PyPI...

EUVD-2025-10095

Malicious code in bioql PyPI...

Exploit for CVE-2025-49144

notepad-v8.8.1-LPE-CVE- CVE-2025-49144 Notepad++ v8.8.1 SY...

Updated udisks2 & libblockdev packages fix security vulnerabilities

A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the "allowactive" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allowactive" user on a syst...

CVE-2023-5087

The Page Builder: Pagelayer WordPress plugin before 1.7.8 doesn't prevent attackers with author privileges and higher from inserting malicious JavaScript inside a post's header or footer code...

CVE-2020-21989

HomeAutomation 3.3.2 is affected by Cross Site Request Forgery CSRF. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges i...

CVE-2005-2741

Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators...

CVE-2025-1986 Gutentor < 3.4.7 - Admin+ SQL Injection

The Gutentor WordPress plugin before 3.4.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

Google Android elevation of privilege vulnerability (CNVD-2025-05218)

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to elevate privileges...

Apple iOS and iPadOS Security Vulnerabilities

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS 17 and iPadOS 17, which arises from an application that may be able to execut...

CVE-2023-28045

Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data...

Exploit for CVE-2022-32832

CVE-2022-32832 Proof-of-concept and write-up for the CVE...