Lucene search
K

237 matches found

NVD
NVD
added yesterday4 views

CVE-2026-40956

CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...

2.1CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-40953

CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...

6.7CVSS
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-40956

CVE-2026-40956 is a memory-disclosure vulnerability in Secure Access client versions prior to 14.55. According to connected records, attackers who have intimate knowledge and total control over the tunnel protocol can cause a small amount of random memory to leak. The CVSS v4.0 score is 2.1 (LOW)...

2.1CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday2 views

EUVD-2026-44790

CVE-2026-40956 is a memory disclosure vulnerability in Secure Access client versions prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can cause a small amount of random memory to leak...

2.1CVSS6.1AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

9.8CVSS5.9AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.13 views

CVE-2026-33446

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

9.8CVSS5.9AI score0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.12 views

CVE-2026-33449

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a denial of service...

7.5CVSS5.8AI score0.00235EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 3:49 p.m.9 views

OESA-2026-2578 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior ...

9.8CVSS5.4AI score0.00813EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/01 5:45 p.m.28 views

CVE-2026-7770 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...

8.8CVSS0.00439EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 5:45 p.m.10 views

CVE-2026-7770 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions ACS is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator...

8.8CVSS6.4AI score0.00439EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 2:24 p.m.8 views

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/22 2:24 p.m.16 views

EUVD-2026-31445

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/22 2:24 p.m.15 views

CVE-2026-8992

An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
CVE
CVE
added 2026/05/22 2:24 p.m.44 views

CVE-2026-8992

The CVE-2026-8992 entry concerns Ivanti Secure Access Client, vulnerable prior to version 22.8R6, due to improper certificate validation. The issue allows remote unauthenticated attackers to execute arbitrary code. According to the description and CVSS metrics (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.15 views

Ivanti Secure Access Client 信任管理问题漏洞

Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a vulnerability related to trust management. This vulnerability stemmed from improper certificate verification, which could allow...

8.8CVSS6.1AI score0.00564EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 3:31 p.m.16 views

EUVD-2026-29485

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 3:16 p.m.15 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS0.00284EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 2:21 p.m.21 views

CVE-2026-7432

Ivanti Secure Access Client (before 22.8R6) is affected by two adjacent CVEs identified in the connected documents. CVE-2026-7432 describes a race condition that could allow a locally authenticated user to escalate privileges to SYSTEM. CVE-2026-7431 describes an incorrect permission assignment f...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 2:21 p.m.10 views

CVE-2026-7432

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:18 p.m.14 views

CVE-2026-7431

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

7.8CVSS5.8AI score0.00284EPSS
Exploits0References2
Rows per page
Query Builder