Lucene search
K

1146 matches found

Kaspersky
Kaspersky
added 2026/05/21 12:0 a.m.19 views

KLA91067 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Entra ID can be...

10CVSS7.8AI score0.00579EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

Ivanti Secure Access Client 22.x < 22.8R6 Multiple Vulnerabilities

The Ivanti Secure Access Client installed on the remote host is 22.x prior to 22.8R6. It is, therefore, affected by multiple vulnerabilities: - An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 3:31 p.m.15 views

EUVD-2026-29485

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.11 views

EUVD-2026-29486

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 3:16 p.m.14 views

CVE-2026-7431

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

4.4CVSS0.00176EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:21 p.m.9 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 2:21 p.m.21 views

CVE-2026-7432

Ivanti Secure Access Client (before 22.8R6) is affected by two adjacent CVEs identified in the connected documents. CVE-2026-7432 describes a race condition that could allow a locally authenticated user to escalate privileges to SYSTEM. CVE-2026-7431 describes an incorrect permission assignment f...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 2:21 p.m.10 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 2:21 p.m.34 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 2:18 p.m.35 views

CVE-2026-7431

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

4.4CVSS0.00176EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:18 p.m.20 views

CVE-2026-7431

Affected product: Ivanti Secure Access Client. Vulnerabilities (pre-22.8R6): 7431 involves an incorrect permission assignment on a critical resource, enabling a local authenticated user to read/modify sensitive log data via write access to a shared memory section. 7432 is a race condition that al...

4.4CVSS5.8AI score0.00176EPSS
Exploits0References1Affected Software1
Ivanti
Ivanti
added 2026/05/12 2:2 p.m.40 views

May 2026 Security Advisory Ivanti Secure Access Client (CVE-2026-7431, CVE-2026-7432)

Update 22 May: CVE-2026-8992 has been added to Vulnerability Details Summary Ivanti has released updates for the Ivanti Secure Access Client which addresses one medium severity vulnerability and two High severity vulnerabilities. We are not aware of any customers being exploited by these...

8.8CVSS6.2AI score0.00564EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-40038

Name of the Vulnerable Software and Affected Versions Ivanti Secure Access Client versions prior to 22.8R6 Description An incorrect permission assignment for a critical resource allows a local authenticated user to read or modify sensitive log data. This is possible through write access to a shar...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Ivanti Secure Access Client 竞争条件问题漏洞

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a race condition vulnerability. This vulnerability was caused by race conditions, which could lead to local authenticated users...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Ingeteam Ingecon Sun EMS Board 加密问题漏洞

The Ingeteam Ingecon Sun EMS Board is a control and communication expansion card developed by Ingeteam for photovoltaic power generation and energy management scenarios. The Ingeteam Ingecon Sun EMS Board has encryption-related vulnerabilities. These vulnerabilities stem from insecure credential...

9.2CVSS5.8AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/01 8:48 p.m.7 views

CVE-2026-33450

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can send a malformed packet to the client causing a denial of service...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/01 8:48 p.m.7 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS5.9AI score0.00104EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 9:16 p.m.5 views

CVE-2026-40950

CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially crafted message to the server and cause a denial of service...

7.1CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 9:16 p.m.6 views

CVE-2026-40951

CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger a denial of service...

6.8CVSS0.00095EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 9:16 p.m.12 views

CVE-2026-40949

CVE-2026-40949 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use it to trigger a denial of service...

6.8CVSS0.00103EPSS
Exploits0References1
Rows per page
Query Builder