CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in the Secure Access client’s message parsing function prior to 14.50. An attacker able to control a modified server can send a crafted packet to overwrite a small portion of memory, potentially causing memory corruption or denial of service. Remediation: upgra...

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

EUVD-2026-26415

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

CVE-2026-33446

CVE-2026-33446 describes a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. An attacker-controlled server can send a special packet that overwrites memory, potentially causing memory corruption or denial of service. Affected component: authentication su...

CVE-2026-33446 Buffer overflow in client authentication prior to version 14.50

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

CVE-2026-33446

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

CVE-2026-33446 Buffer overflow in client authentication prior to version 14.50

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

EUVD-2026-26413

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

Vuln2Secure-A-Secure-Software-Design-Testing-Framework

No d...

CLSA-2026-1777556512 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: setuid/setgid bits preserved on scp downloads without -p - debian/patches/CVE-2026-35385.patch: in legacy -O mode, OR 07000 into the saved umask in sink in scp.c so that setuid/setgid/sticky bits are stripped from received files when -p is not specified. - CVE-2026-35385...

Exploit for Acceptance of Extraneous Untrusted Data With Trusted Data in Microsoft

BitUnlocker Downgrade Attack A proof of concept for accessing...

CLSA-2026-1777547626 openssh: Fix of CVE-2026-35385

CVE-2026-35385: clear setuid/setgid bits when downloading files as root in scp legacy -O mode without the -p flag...

CLSA-2026-1777542837 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: scp setuid/setgid bit handling - debian/patches/CVE-2026-35385.patch: when downloading files as root in legacy -O mode and without the -p preserve modes flag, mask out setuid/setgid bits in scp1 sink. - CVE-2026-35385...

Absolute Secure Access 安全漏洞

Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.50 contained a security vulnerability caused by a buffer overflow, which could...

Absolute Secure Access 信息泄露漏洞

Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.50 contained a vulnerability related to information leakage, caused by a format...

Absolute Secure Access 安全漏洞

Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.50 contained a security vulnerability caused by a buffer overflow in the...

Absolute Secure Access 缓冲区错误漏洞

Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.50 contained a buffer error vulnerability, which stems from out-of-bounds readi...