CVE-2025-46802 – PuTTY Screen Session Privilege Escalation Vulnerability

May 26, 2025

CVE ID : CVE-2025-46802

Published : May 26, 2025, 4:15 p.m. | 42 minutes ago

Description : For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

Severity: 6.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleBombadillo is a non-web browser designed for many protocols

Next Article CVE-2025-23395 – Screen Root Privilege Escalation Vulnerability

Highlights

CVE-2025-4669 – WordPress Booking Calendar Stored Cross-Site Scripting (XSS) Vulnerability

May 17, 2025

CVE ID : CVE-2025-4669

Published : May 17, 2025, 12:15 p.m. | 53 minutes ago

Description : The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s wpbc shortcode in all versions up to, and including, 10.11.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-6837 – Code-projects Library System Unrestricted File Upload Vulnerability

June 28, 2025

Breaking: India’s “Human AI” Srinidhi Ranganathan is Building an AI Universe Where Anyone Can Create Self-Aware Digital Cities

April 28, 2025

wfview controls icom ham radios

June 20, 2025

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2025-46802 – PuTTY Screen Session Privilege Escalation Vulnerability

Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors

Devman Claims Cyberattack on Thailand Ministry of Labour, Demands $15M Ransom

Microsoft is saving millions with AI and laying off thousands – where do we go from here?

CVE-2025-53165 – Apache HTTP Server Cross-Site Request Forgery

Jamie Oliver website serves up a side of malware

6 new Android ecosystem treats that have this gadget geek grinning

CVE-2025-4669 – WordPress Booking Calendar Stored Cross-Site Scripting (XSS) Vulnerability

CVE-2025-6837 – Code-projects Library System Unrestricted File Upload Vulnerability

Breaking: India’s “Human AI” Srinidhi Ranganathan is Building an AI Universe Where Anyone Can Create Self-Aware Digital Cities

wfview controls icom ham radios

CVE-2025-46802 – PuTTY Screen Session Privilege Escalation Vulnerability

Related Posts