CVE-2026-34343

Heap-based buffer overflow in Windows Application Identity AppID Subsystem allows an authorized attacker to elevate privileges locally...

EUVD-2026-29602

Heap-based buffer overflow in Windows Application Identity AppID Subsystem allows an authorized attacker to elevate privileges locally...

CVE-2026-34343 Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability

...

CVE-2026-34343

CVE-2026-34343 describes a heap-based buffer overflow in Windows’ Application Identity (AppID) Subsystem that could enable local privilege escalation by an authorized attacker. Documented impact is local, with required privileges LOW and no user interaction, consistent with CVSS v3.1 base metrics...

CVE-2026-34343 Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability

...

Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Application Identity AppID Subsystem allows an authorized attacker to elevate privileges locally...

PT-2026-40162

Heap-based buffer overflow in Windows Application Identity AppID Subsystem allows an authorized attacker to elevate privileges locally...

Parse Server 安全漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were security vulnerabilities in versions of Parse Server prior to 9.6.0-alpha.13 and 8.6.39. These vulnerabilities stemmed from the OAuth2 authentication...

EUVD-2025-21562

Malicious code in bioql PyPI...

EUVD-2025-21550

Malicious code in bioql PyPI...

EUVD-2025-21551

Malicious code in bioql PyPI...

CVE-2025-49830

Conjur provides secrets management and application identity for infrastructure. An authenticated attacker who is able to load policy can use the policy yaml parser to reference files on the Secrets Manager, Self-Hosted server. These references may be used as reconnaissance to better understand th...

CVE-2025-49829

Conjur provides secrets management and application identity for infrastructure. Missing validations in Secrets Manager, Self-Hosted allows authenticated attackers to inject resources into the database and to bypass permission checks. This issue affects Secrets Manager, Self-Hosted formerly Conjur...

CVE-2025-49830 Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to path traversal and file disclosure

Conjur provides secrets management and application identity for infrastructure. An authenticated attacker who is able to load policy can use the policy yaml parser to reference files on the Secrets Manager, Self-Hosted server. These references may be used as reconnaissance to better understand th...

PT-2025-29614 · Cyberark · Conjur +1

Name of the Vulnerable Software and Affected Versions: Conjur Secrets Manager, Self-Hosted versions prior to 13.5.1 and 13.6.1 Conjur OSS versions prior to 1.22.1 Description: Conjur provides secrets management and application identity for infrastructure. Missing validations in Secrets Manager,...

CVE-2023-0117

The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime...

PT-2023-16024 · Unknown · Hwkitassistant

Name of the Vulnerable Software and Affected Versions: hwKitAssistant affected versions not specified Description: The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this issue may affect the availability of...

Fake ID

The software does not properly validate an application's certificate chain. An application can supply a specially crafted application identity certificate to impersonate a privileged application and gain access to vendor-specific device administration extensions. The vulnerability resides in the...

Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020) (deprecated)

Binary data 4772.prm...

Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020)

The version of the Altiris Deployment Solution installed on the remote host reportedly is affected by a password disclosure vulnerability. Altiris Deployment Solution Server reportedly stores 'Application Identity Account password' in the system memory in plain-text. It may be possible for an...