Do Son
A newly disclosed vulnerability in the Capsule Kubernetes multi-tenancy framework exposes organizations to privilege escalation and cross-tenant...
privilege escalation
Zoom has released security updates addressing two significant vulnerabilities in its Windows-based clients—CVE-2025-49456 and CVE-2025-49457—that could enable...
Security researcher Jann Horn from Google Project Zero disclosed the technical details and proof-of-concept exploit code for...
Yesterday, Microsoft issued a critical security advisory addressing a newly identified vulnerability—CVE-2025-53786—in hybrid Microsoft Exchange environments. The...
Elastic has issued patches for two local privilege escalation (LPE) vulnerabilities affecting its popular observability tools—APM Server...
BeyondTrust, a global leader in intelligent identity and access security, has issued two advisories addressing two local...
The CERT Coordination Center (CERT/CC) has issued a Vulnerability Note detailing a critical privilege escalation flaw affecting...
NVIDIA has released software security updates for its GPU Display Drivers and vGPU software across Windows, Linux,...
Amazon Web Services (AWS) has released a security patch for a high-severity local privilege escalation vulnerability (CVE-2025-8069)...
A newly disclosed vulnerability in ASUSTOR’s Windows-based applications—ASUSTOR Backup Plan (ABP) and ASUSTOR EZSync (AES)—could allow local...
Sophos has patched three separate high-severity local privilege escalation (LPE) vulnerabilities in its widely used Intercept X...
In April 2025, Microsoft issued a critical security patch addressing a serious vulnerability in the Windows Common...
Lenovo has issued a security advisory disclosing three newly discovered vulnerabilities in Lenovo Vantage, a widely pre-installed...
In a comprehensive and technically expose, Datadog Security Labs has unveiled a privilege escalation method that allows...
As attackers continue to evolve their tactics, Microsoft is taking bold strides to neutralize entire classes of...
NVIDIA has released a critical security update for its Container Toolkit and GPU Operator, patching two high-impact...
Security researcher D3vil has uncovered and weaponized a kernel-level Use-After-Free (UAF) vulnerability—CVE-2025-38001—within the Linux networking stack. The...
In a warning issued by CERT/CC, multiple high-impact vulnerabilities have been identified in Gigabyte UEFI firmware that...
Security researcher Filip Dragović has been credited by Microsoft for uncovering CVE-2025-48799, a local privilege escalation (LPE)...
Schneider Electric has issued a high-severity security advisory disclosing multiple vulnerabilities affecting its flagship infrastructure management platform,...