CVE-2025-46708 – VMware ESXi GPU Resource Hijacking

June 27, 2025

CVE ID : CVE-2025-46708

Published : June 27, 2025, 5:15 p.m. | 1 hour, 57 minutes ago

Description : Software installed and running inside a Guest VM may conduct improper GPU system calls to prevent other Guests from running work on the GPU.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52207 – MikoPBX PHP File Upload Vulnerability

Next Article CVE-2025-46707 – VMware ESXi Firmware Privilege Escalation

Highlights

CVE-2025-52880 – Komga EPUB XSS Attack Vector

June 24, 2025

CVE ID : CVE-2025-52880

Published : June 24, 2025, 8:15 p.m. | 1 hour, 11 minutes ago

Description : Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting (XSS) vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker perform actions on the victim’s behalf. When targeting an admin user, this can be combined with controlling a server-side command to achieve arbitrary code execution. For this vulnerability to be exploited, a malicious EPUB file has to be present in a Komga library, and subsequently accessed in the Epub reader by an admin user. Version 1.22.0 contains a patch for the issue.

Severity: 4.2 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

The coming AI smartphone: Redefining personal tech

Modern React animation libraries: Real examples for engaging UIs

How Debian 13’s little improvements add up to the distro’s surprisingly big leap forward

Why xAI is giving you ‘limited’ free access to Grok 4

How Apple may revamp Siri to a voice assistant I’d actually use (and ditch Gemini for)

I jump-started a bus from the 1930s with this power bank – here’s the verdict

Laravel’s UsePolicy Attribute: Explicit Authorization Control

Laravel’s UsePolicy Attribute: Explicit Authorization Control

The Laravel Way to Build AI Agents That Actually Work

The Laravel Way to Build AI Agents That Actually Work

Microsoft sued over killing support for Windows 10

Microsoft sued over killing support for Windows 10

Grok 4 rolled out for free-tier users worldwide, with some limits

Firefox AI slammed for hogging CPU and draining battery

CVE-2025-46708 – VMware ESXi GPU Resource Hijacking

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons

FormBook Malware Spreads via Sophisticated Phishing Attack

CVE-2025-5114 – Easysoft Zentaopms Deserialization Vulnerability

4 features on Windows 11 exclusive to Europe that Microsoft should make global

Kodeco Podcast: All the Conferences – Podcast V2, S3 E3 [FREE]

CVE-2025-52880 – Komga EPUB XSS Attack Vector

CVE-2025-38351 – KVM Hyper-V Canonical GVA Vulnerability

How to Build a Successful Product

CVE-2025-46729 – Julmud/phpDVDProfiler Cross-Site Scripting Vulnerability

CVE-2025-46708 – VMware ESXi GPU Resource Hijacking

Related Posts