718 matches found
[SECURITY] Fedora 42 Update: rust-az-snp-vtpm-0.7.4-1.fc42
VTPM based SEV-SNP attestation for Azure Confidential VMs...
CVE-2025-10220
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
CVE-2025-10222
Exposure of Sensitive Information to an Unauthorized Actor CWE-200 in the diagnostic dump component in AxxonSoft Axxon One VMS C-Werk 2.0.0 through 2.0.1 on Windows allows a local attacker to obtain licensing-related information such as timestamps, license states, and registry values via reading...
CVE-2025-10220
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
CVE-2025-10222 Sensitive Information Disclosure in Diagnostic Dumps in AxxonSoft Axxon One VMS
Exposure of Sensitive Information to an Unauthorized Actor CWE-200 in the diagnostic dump component in AxxonSoft Axxon One VMS C-Werk 2.0.0 through 2.0.1 on Windows allows a local attacker to obtain licensing-related information such as timestamps, license states, and registry values via reading...
CVE-2025-10220 Outdated Third-Party NuGet Packages in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
CVE-2025-10220
CVE-2025-10220 affects AxxonSoft Axxon One VMS 2.0.0–2.0.4 on Windows due to use of unmaintained third‑party NuGet components (e.g., Google.Protobuf, DynamicData, System.Runtime.CompilerServices.Unsafe). The underlying issue is reliance on unmaintained third‑party packages, enabling remote code e...
CVE-2025-10220 Outdated Third-Party NuGet Packages in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4
Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...
Azure Connected Machine Agent Elevation of Privilege Vulnerability
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
Linux Distros Unpatched Vulnerability : CVE-2017-12450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The alphavmsobjectp function in bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows...
[SECURITY] Fedora 41 Update: libtpms-0.9.7-1.fc41
A library providing TPM functionality for VMs. Targeted for integration into Qemu...
PT-2025-24896
Name of the Vulnerable Software and Affected Versions TCG TPM2.0 versions affected versions not specified AMD Ryzen processors versions not specified Description The TCG TPM2.0 reference implementation's CryptHmacSign function contains a flaw due to a lack of validation between the signature sche...
XenServer and Citrix Hypervisor Security Update for CVE-2025-27462, CVE-2025-27463, CVE-2025-27464
Description of Problem Issues have been identified in the XenServer VM Tools for Windows that allow an attacker who has the ability to execute arbitrary unprivileged code within a guest Windows VM to compromise that same VM. This issue affects Windows VMs running on either XenServer 8.4 and Citri...
CVE-2023-21998
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
CVE-2023-28175
Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...
CVE-2021-20623
Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request...
CVE-2020-6960
The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch,...
CVE-2020-3948
Linux Guest VMs running on VMware Workstation 15.x before 15.5.2 and Fusion 11.x before 11.5.2 contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. Local attackers with non-administrative access to a Linux guest VM with virtual printing enabled...
CVE-2019-6582
A vulnerability has been identified in Siveillance VMS 2017 R2 All versions V11.2a, Siveillance VMS 2018 R1 All versions V12.1a, Siveillance VMS 2018 R2 All versions V12.2a, Siveillance VMS 2018 R3 All versions V12.3a, Siveillance VMS 2019 R1 All versions V13.1a. An attacker with network access t...
CVE-2019-5996
SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...