879 matches found
CVE-2026-2490
CVE-2026-2490 affects RustDesk Client for Windows, specifically the Transfer File feature. A local attacker with low-privilege execution can upload a symbolic link to cause the service to read arbitrary files, potentially exposing data in the SYSTEM context. Multiple sources (ZDI-26-117, RedHat R...
RustDesk 后置链接漏洞
RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and can be used to maintain computers and other devices remotely. The RustDesk Client for Windows has a post-release link vulnerability, which stems from a symbolic link iss...
RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...
PT-2026-20860
Name of the Vulnerable Software and Affected Versions RustDesk Client for Windows affected versions not specified Description A security issue exists in RustDesk Client for Windows related to the Transfer File feature. A local attacker with low-privileged code execution capabilities can disclose...
CVE-2026-23567
An integer underflow in the UDP command handler of the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a denial-of-service service crash via...
CVE-2026-23568 Out-of-bounds read vulnerability in Content Distribution Service
An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked...
CVE-2026-23563
Improper Link Resolution Before File Access invoked by 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction in TeamViewer DEX - 1E Client before version 26.1 on Windows allows a low‑privileged local attacker to delete protected system files via a crafted RPC control junction or symlink that is...
CVE-2025-13919
The CVE-2025-13919 entry concerns Symantec Endpoint Protection Client vulnerabilities, specifically a COM Hijacking issue in Windows where references in the COM registry can be hijacked to establish persistence and evade detection. Affected software is SEP Client versions prior to 14.3 RU10 Patch...
CVE-2025-13919 Component Object Model (COM) Hijacking in Symantec Endpoint Protection Windows Client
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry...
CVE-2025-13918 Elevation of Privileges in Symantec Endpoint Protection Windows Client
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...
CVE-2025-13918 Elevation of Privileges in Symantec Endpoint Protection Windows Client
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...
CVE-2025-13918
CVE-2025-13918 affects Symantec Endpoint Protection Client on Windows, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, introducing an Elevation of Privilege vulnerability. The connected documents corroborate a local, high-privilege impact with user interaction not required, and no expli...
CVE-2025-9142
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
CVE-2025-9142
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
CVE-2025-9142
A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory...
PT-2026-2858
Name of the Vulnerable Software and Affected Versions Harmony SASE Windows client affected versions not specified Description A local user can trigger the software to write or delete files outside the intended certificate working directory. Recommendations At the moment, there is no information...
Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability
Improper access control in Windows Client-Side Caching CSC Service allows an authorized attacker to disclose information locally...
Exploit for Path Traversal in Druva Insync_Client
CVE-2020-5752: Druva inSync Local Privilege Escalation A C-ba...
Microsoft Desktop Windows Manager 安全漏洞
Microsoft Desktop Windows Manager is a desktop window manager from Microsoft Corporation USA. A security vulnerability exists in Microsoft Desktop Windows Manager. An attacker exploiting this vulnerability could gain access to sensitive information. The following products and versions are...
Microsoft Windows 缓冲区错误漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. Microsoft Windows suffers from a buffer error vulnerability. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...