Lucene search
K

28 matches found

NVD
NVD
added 2 days ago4 views

CVE-2026-15682

AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...

5.5CVSS0.001EPSS
Exploits0References1
NVD
NVD
added 2 days ago3 views

CVE-2026-15681

AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...

5.5CVSS0.001EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-57871

Name of the Vulnerable Software and Affected Versions AnyDesk affected versions not specified Description A flaw in the Send Support Information feature allows local attackers to cause a denial-of-service condition. An attacker with the ability to execute low-privileged code on the target system...

5.5CVSS6.3AI score0.001EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/19 2:16 p.m.10 views

EUVD-2016-10907

AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during applicatio...

8.5CVSS6.2AI score0.00181EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.26 views

PT-2026-50912

Name of the Vulnerable Software and Affected Versions AnyDesk version 2.5.0 Description An unquoted service path issue exists in the service installation, allowing local users to execute arbitrary code with SYSTEM privileges. This occurs when a service path contains spaces and is not enclosed in...

8.5CVSS6.2AI score0.00181EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/12/11 9:43 p.m.32 views

CVE-2025-34499 AnyDesk 9.0.1 Unquoted Service Path Privilege Escalation Vulnerability

AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with high-lev...

6.9CVSS0.00376EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/06 6:32 p.m.5 views

EUVD-2025-38149

An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my device" permission can manipulate remote AnyDesk settings and create a password for the Full Access profile without needing confirmation from the counterparty. Consequently, the attacker can later...

6.5AI score0.00288EPSS
Exploits1References3
CVE
CVE
added 2025/11/06 12:0 a.m.18 views

CVE-2025-27919

CVE-2025-27919 affects AnyDesk up to version 9.0.4. A remote user with the 'Control my device' permission can modify remote AnyDesk settings and create a password for the Full Access profile without counterparty confirmation, enabling later connections without confirmation. Impact per sources: co...

8.2CVSS6.7AI score0.00288EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/11/06 12:0 a.m.21 views

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing o...

0.00484EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.9 views

PT-2025-45346

Name of the Vulnerable Software and Affected Versions AnyDesk versions prior to 9.0.0 Description An issue exists where an integer overflow can lead to a heap-based buffer overflow. This occurs through the processing of a UDP packet, specifically during the handling of an Identity user image with...

9.8CVSS7.1AI score0.00484EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-30308

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01117EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-51089

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.01165EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-28010

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-31267

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01021EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-31266

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00554EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:32 p.m.12 views

CVE-2020-35483

AnyDesk before 6.1.0 on Windows, when run in portable mode on a system where the attacker has write access to the application directory, allows this attacker to compromise a local user account via a read-only setting for a Trojan horse gcapi.dll file...

7.8CVSS6.7AI score0.00468EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/06 12:0 a.m.7 views

PT-2025-15095 · Anydesk · Anydesk

Name of the Vulnerable Software and Affected Versions: AnyDesk affected versions not specified Description: The issue concerns a remote code execution RCE proof of concept PoC related to AnyDesk. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

9.3AI score
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/04/06 12:0 a.m.8 views

PT-2025-15093

Name of the Vulnerable Software and Affected Versions AnyDesk affected versions not specified Description The issue concerns a remote code execution RCE exploit. Technical details include the use of a vxproj file, conversion to vbs and then to ps1 PowerShell script, and involvement of an asar fil...

2.7CVSS7.1AI score0.00427EPSS
Exploits2References18
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.7 views

The vulnerability of AnyDesk’s remote access and management software lies in the improper definition of symbolic links before accessing files. This allows attackers to disclose sensitive information that should be protected.

The vulnerability of AnyDesk remote access and management software is related to the improper definition of symbolic links before accessing files. Exploiting this vulnerability can allow attackers to disclose protected information...

5.5CVSS5.9AI score0.01165EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/12/30 5:15 p.m.25 views

CVE-2024-12754

AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

5.5CVSS0.01165EPSS
Exploits0References1
Rows per page
Query Builder