Security Vulnerabilities
Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.016
Published
2025-10-14
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Commands Connectors configuration modules) allows Stored
XSS by users with elevated privileges.
This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from 24.04.0 before 24.04.18, from 23.10.0 before 23.10.28.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-10-14
Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-14
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-14
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-10-14
External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-10-14
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack.
CVSS Score
2.1
EPSS Score
0.001
Published
2025-10-14
Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-14