52635 matches found
CVE-2026-47653 Remote Desktop Client Remote Code Execution Vulnerability
...
CVE-2026-47289 Remote Desktop Client Remote Code Execution Vulnerability
...
CVE-2026-47289 Remote Desktop Client Remote Code Execution Vulnerability
...
CVE-2026-47289
CVE-2026-47289 is a heap-based buffer overflow in the Remote Desktop Client that enables remote code execution over a network. The vulnerability is exploitable remotely (attack vector: NETWORK) with low complexity and requires user interaction, yielding a high impact on confidentiality, integrity...
CVE-2026-45634 Windows DHCP Client Information Disclosure Vulnerability
...
CVE-2026-45634 Windows DHCP Client Information Disclosure Vulnerability
...
CVE-2026-41108 Windows DNS Client Elevation of Privilege Vulnerability
...
CVE-2026-41108 Windows DNS Client Elevation of Privilege Vulnerability
...
2026-06 .NET 8.0.28 Security Update for x64 Client (KB5097149)
2026-06 .NET 8.0.28 Security Update for x64 Client KB5097149...
2026-06 .NET 10.0.9 Security Update for x86 Client (KB5097148)
2026-06 .NET 10.0.9 Security Update for x86 Client KB5097148...
2026-06 .NET 10.0.9 Security Update for x64 Client (KB5097148)
2026-06 .NET 10.0.9 Security Update for x64 Client KB5097148...
2026-06 .NET 9.0.17 Security Update for ARM64 Client (KB5097150)
2026-06 .NET 9.0.17 Security Update for ARM64 Client KB5097150...
2026-06 .NET 9.0.17 Security Update for x64 Client (KB5097150)
2026-06 .NET 9.0.17 Security Update for x64 Client KB5097150...
2026-06 .NET 10.0.9 Security Update for ARM64 Client (KB5097148)
2026-06 .NET 10.0.9 Security Update for ARM64 Client KB5097148...
CVE-2026-48266
Adobe Experience Manager (AEM) versions affected: 6.5.24, LTS SP1, 2026.04 and earlier. Issue: DOM-based Cross-Site Scripting (XSS) caused by manipulating the DOM environment, allowing malicious JavaScript execution in the victim’s browser. Exploitation requires user interaction (victim must visi...
CVE-2026-24064
Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...
MAL-2026-5386 Malicious code in @0xlr/prisma-client-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b993c29d90c2ecfffaa9ed55b99c38e5351052e619b79ad2a385d6c72376f0f4 On npm install, postinstall.js enumerates all of process.env, collects hostname, username, homedir, cwd, argv, platform/arch/release, memory and CPU...
CVE-2026-49843
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...
CVE-2026-35188
CVE-2026-35188 describes a vulnerability in TLS OCSP stapling where a crafted stapled response delivered via the status_request extension can trigger a double-free in the TLS client’s certificate verification path. Impact: potential heap corruption, with the practical consequence of Denial of Ser...
CVE-2026-0420 Missing TLS certificate validation in NETGEAR's ReadyCloud client app
An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to perform attacker-in-the-middle MiTM style attacks impacting the product's confidentiality. This vulnerability affects the listed NETGEAR models...