BACK TO INTEL

Archives

Classification

Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
ERP
Information Technology
Infrastructure
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

Feed

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2024-21762

CVE-2024-21762: Critical Fortinet FortiOS Out-of-Bounds Write Vulnerability Technical Advisory

Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.

FortiOS
View Detail
CVE-2026-0300

CVE-2026-0300: Critical Root-Level RCE in Palo Alto Networks PAN-OS Captive Portal

Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.

PAN-OS
View Detail
CVE-2020-3259

Critical Vulnerability Advisory: Defending Against Cisco ASA and FTD Memory Disclosure (CVE-2020-3259)

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.

Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
View Detail
CVE-2024-21338

CVE-2024-21338: Critical Windows Kernel Privilege Escalation Advisory

Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.

Windows
View Detail
CVE-2023-48788

CVE-2023-48788: Critical Fortinet FortiClient EMS SQL Injection Advisory

Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.

FortiClient EMS
View Detail
CVE-2021-44529

Critical Ivanti EPM CSA Code Injection Advisory: CVE-2021-44529 Patch Requirements

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).

Endpoint Manager Cloud Service Appliance (EPM CSA)
View Detail
CVE-2023-24955

CVE-2023-24955: Critical Microsoft SharePoint Server Code Injection Advisory

Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.

SharePoint Server
View Detail
CVE-2024-30051

CVE-2024-30051: Mitigating the Microsoft DWM Core Library Heap Overflow and SYSTEM Escalation Risk

Microsoft DWM Core Library contains a privilege escalation vulnerability (CVE-2024-30051) that allows an attacker to gain SYSTEM privileges via a heap-based buffer overflow.

DWM Core Library
View Detail
CVE-2024-37085

Critical ESXi Authentication Bypass: Defending Against CVE-2024-37085 and AD-Based Lateral Movement

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.

ESXi
View Detail
CVE-2026-31431

CVE-2026-31431: Urgent Linux Kernel Crypto Subsystem Patch Released for Resource Transfer Vulnerability

Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.

Kernel
View Detail
CVE-2025-22225

CVE-2025-22225: Critical VMware ESXi Arbitrary Write Vulnerability and Sandbox Escape Advisory

VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.

ESXi
View Detail
CVE-2025-26633

Critical Security Advisory: CVE-2025-26633 — Windows Management Console Improper Neutralization Vulnerability

Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security feature locally.

Windows
View Detail
1234567