CVE-2022-26355

Citrix Federated Authentication Service FAS 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module TPM to incorrectly store that key in the Microsoft Software Key Storage Provider MSKSP. This issue only...

CVE-2025-26355

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...

CVE-2025-26355

creationtimestamp| type| source ---|---|--- 2025-02-12 14:50:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113991473772939533...

CVE-2025-26355

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...

CVE-2025-26355

CVE-2025-26355 describes a CWE-35 path traversal in Q-Free MaxTime. The vulnerability resides in maxtime/api/database/database.lua and affects MaxTime versions less than or equal to 2.11.0. An authenticated remote attacker could delete sensitive files by crafting HTTP requests. The connected sour...

CVE-2025-26355

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...

CVE-2025-26355

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests...

CVE-2023-26355

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26355

Adobe Dimension prior to 3.4.8 contains an out-of-bounds read vulnerability that can disclose memory and may bypass ASLR. The issue affects Dimension 3.4.7 and earlier and requires a user to open a malicious file (local attack vector). Public details confirm affected version range and impact as d...

Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...

CVE-2021-26355

Insufficient fencing and checks in System Management Unit SMU may result in access to invalid message port registers that could result in a potential denial-of-service...

CVE-2021-26355

CVE-2021-26355 affects AMD System Management Unit (SMU) in AMD EPYC platform family. The root cause is insufficient fencing and checks in the SMU, which may allow access to invalid message port registers and could lead to a denial-of-service. The AMD security bulletin AMD-SB-1032 documents mitiga...

CVE-2021-26355

Insufficient fencing and checks in System Management Unit SMU may result in access to invalid message port registers that could result in a potential denial-of-service...

CVE-2022-26355

creationtimestamp| type| source ---|---|--- 2022-03-10 20:25:57+00:00| seen| https://t.me/cibsecurity/38712...

CVE-2022-26355

Summary: CVE-2022-26355 affects Citrix Federated Authentication Service (FAS) versions 7.17–10.6. When deployments configure the registration authority certificate’s private key to be stored in a TPM and PowerShell is used for that configuration, the private key is incorrectly stored in the Micro...

CVE-2022-26355 Citrix Federated Authentication Service (FAS)

Citrix Federated Authentication Service FAS 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module TPM to incorrectly store that key in the Microsoft Software Key Storage Provider MSKSP. This issue only...

Citrix Federated Authentication Service (FAS) Security Update

An issue has been identified in Citrix Federated Authentication Service FAS which causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module TPM to incorrectly store that key in the Microsoft Software Key Storage Provider...

CVE-2020-26355

CVE-2020-26355 entry is rejected/not used; this CVE ID does not represent an active vulnerability.