Lucene search
+L

150 matches found

NVD
NVD
added 2 days ago5 views

CVE-2026-40956

CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...

3.7CVSS0.00171EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-40953

CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...

6.7CVSS0.00073EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-40956 Memory disclosure in Secure Access Clients

CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...

2.1CVSS0.00171EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-40956

CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...

3.7CVSS6.1AI score0.00171EPSS
Exploits0References2
CVE
CVE
added 2 days ago10 views

CVE-2026-40956

CVE-2026-40956 is a memory-disclosure vulnerability in Secure Access client versions prior to 14.55. According to connected records, attackers who have intimate knowledge and total control over the tunnel protocol can cause a small amount of random memory to leak. The CVSS v4.0 score is 2.1 (LOW)...

3.7CVSS6.1AI score0.00171EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44790

CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...

2.1CVSS6.1AI score0.00171EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-40955

CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...

3.7CVSS6.1AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago39 views

CVE-2026-40953 Heap overflow in Secure Access clients

CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...

6.7CVSS0.00073EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

9.8CVSS5.9AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.14 views

CVE-2026-33446

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

9.8CVSS5.9AI score0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.12 views

CVE-2026-33449

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a denial of service...

7.5CVSS5.8AI score0.00235EPSS
Exploits0References1
CVE
CVE
added 2026/05/22 2:24 p.m.46 views

CVE-2026-8992

The CVE-2026-8992 entry concerns Ivanti Secure Access Client, vulnerable prior to version 22.8R6, due to improper certificate validation. The issue allows remote unauthenticated attackers to execute arbitrary code. According to the description and CVSS metrics (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/22 2:24 p.m.16 views

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.15 views

Ivanti Secure Access Client 信任管理问题漏洞

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a vulnerability related to trust management. This vulnerability stemmed from improper certificate verification, which could allow...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 3:31 p.m.16 views

EUVD-2026-29485

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 2:21 p.m.22 views

CVE-2026-7432

Ivanti Secure Access Client (before 22.8R6) is affected by two adjacent CVEs identified in the connected documents. CVE-2026-7432 describes a race condition that could allow a locally authenticated user to escalate privileges to SYSTEM. CVE-2026-7431 describes an incorrect permission assignment f...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 2:21 p.m.10 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
Ivanti
Ivanti
added 2026/05/12 2:2 p.m.41 views

May 2026 Security Advisory Ivanti Secure Access Client (CVE-2026-7431, CVE-2026-7432)

Update 22 May: CVE-2026-8992 has been added to Vulnerability Details Summary Ivanti has released updates for the Ivanti Secure Access Client which addresses one medium severity vulnerability and two High severity vulnerabilities. We are not aware of any customers being exploited by these...

8.8CVSS6.2AI score0.00564EPSS
Exploits0
NVD
NVD
added 2026/04/30 9:16 p.m.6 views

CVE-2026-33449

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a denial of service...

7.5CVSS0.00235EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 8:16 p.m.9 views

CVE-2026-33448

CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attackers with control of a modified server can force the client to dump the contents of a small portion of memory to the log files potentially revealing secrets...

4.8CVSS0.001EPSS
Exploits0References1
Rows per page
Query Builder