Lucene search
K

879 matches found

CVE
CVE
added 2026/02/20 10:24 p.m.18 views

CVE-2026-2490

CVE-2026-2490 affects RustDesk Client for Windows, specifically the Transfer File feature. A local attacker with low-privilege execution can upload a symbolic link to cause the service to read arbitrary files, potentially exposing data in the SYSTEM context. Multiple sources (ZDI-26-117, RedHat R...

5.5CVSS5.7AI score0.00319EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.10 views

RustDesk 后置链接漏洞

RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. The RustDesk Client for Windows has a post-release link vulnerability, which stems from a symbolic link iss...

5.5CVSS6.1AI score0.00319EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2026/02/19 12:0 a.m.6 views

RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...

5.5CVSS5.8AI score0.00319EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.6 views

PT-2026-20860

Name of the Vulnerable Software and Affected Versions RustDesk Client for Windows affected versions not specified Description A security issue exists in RustDesk Client for Windows related to the Transfer File feature. A local attacker with low-privileged code execution capabilities can disclose...

5.5CVSS6.1AI score0.00319EPSS
Exploits0References6
NVD
NVD
added 2026/01/29 9:16 a.m.9 views

CVE-2026-23567

An integer underflow in the UDP command handler of the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a denial-of-service service crash via...

6.5CVSS0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/29 8:48 a.m.25 views

CVE-2026-23568 Out-of-bounds read vulnerability in Content Distribution Service

An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked...

5.4CVSS0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/29 8:39 a.m.4 views

CVE-2026-23563

Improper Link Resolution Before File Access invoked by 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction in TeamViewer DEX - 1E Client before version 26.1 on Windows allows a low‑privileged local attacker to delete protected system files via a crafted RPC control junction or symlink that is...

5.7CVSS5.9AI score0.00195EPSS
Exploits0References2
CVE
CVE
added 2026/01/28 4:41 p.m.43 views

CVE-2025-13919

The CVE-2025-13919 entry concerns Symantec Endpoint Protection Client vulnerabilities, specifically a COM Hijacking issue in Windows where references in the COM registry can be hijacked to establish persistence and evade detection. Affected software is SEP Client versions prior to 14.3 RU10 Patch...

4.4CVSS5.8AI score0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/28 4:41 p.m.29 views

CVE-2025-13919 Component Object Model (COM) Hijacking in Symantec Endpoint Protection Windows Client

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry...

4.4CVSS0.0013EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/28 4:35 p.m.34 views

CVE-2025-13918 Elevation of Privileges in Symantec Endpoint Protection Windows Client

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...

6.7CVSS0.00147EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/28 4:35 p.m.3 views

CVE-2025-13918 Elevation of Privileges in Symantec Endpoint Protection Windows Client

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...

6.7CVSS5.8AI score0.00147EPSS
Exploits0References1
CVE
CVE
added 2026/01/28 4:35 p.m.55 views

CVE-2025-13918

CVE-2025-13918 affects Symantec Endpoint Protection Client on Windows, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, introducing an Elevation of Privilege vulnerability. The connected documents corroborate a local, high-privilege impact with user interaction not required, and no expli...

6.7CVSS5.8AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/15 3:15 p.m.6 views

CVE-2025-9142

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...

7.5CVSS6.7AI score0.00072EPSS
Exploits0References1
NVD
NVD
added 2026/01/14 3:16 p.m.8 views

CVE-2025-9142

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...

7.5CVSS0.00072EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/14 2:30 p.m.3 views

CVE-2025-9142

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...

7.5CVSS5.5AI score0.00072EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.11 views

PT-2026-2858

Name of the Vulnerable Software and Affected Versions Harmony SASE Windows client affected versions not specified Description A local user can trigger the software to write or delete files outside the intended certificate working directory. Recommendations At the moment, there is no information...

7.5CVSS5.9AI score0.00072EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/01/13 4:0 p.m.5 views

Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability

Improper access control in Windows Client-Side Caching CSC Service allows an authorized attacker to disclose information locally...

5.5CVSS6.6AI score0.00463EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/01/13 7:24 a.m.209 views

Exploit for Path Traversal in Druva Insync_Client

CVE-2020-5752: Druva inSync Local Privilege Escalation A C-ba...

7.8CVSS7.8AI score0.08607EPSS
Exploits12
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.4 views

Microsoft Desktop Windows Manager 安全漏洞

Microsoft Desktop Windows Manager is a desktop window manager from Microsoft Corporation USA. A security vulnerability exists in Microsoft Desktop Windows Manager. An attacker exploiting this vulnerability could gain access to sensitive information. The following products and versions are...

5.5CVSS6AI score0.05028EPSS
Exploits5References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.3 views

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. Microsoft Windows suffers from a buffer error vulnerability. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...

4.6CVSS6AI score0.0062EPSS
Exploits0References1
Rows per page
Query Builder