32 matches found
CVE-2025-67813
Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...
CVE-2025-67813
Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...
Quest KACE Desktop Authority 安全漏洞
Quest KACE Desktop Authority is a user environment management software from Quest Corporation. A security vulnerability exists in Quest KACE Desktop Authority versions 11.3.1 and earlier, which stems from insecure named pipe permissions used for inter-process communication...
CVE-2025-67813
Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...
EUVD-2026-1927
Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...
CVE-2025-67813
Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Named Pipes used for inter-process communication...
PT-2026-2270
Name of the Vulnerable Software and Affected Versions Quest KACE Desktop Authority versions through 11.3.1 Description Quest KACE Desktop Authority through version 11.3.1 has insecure permissions on the Named Pipes used for inter-process communication. Named Pipes are used to enable communication...
CVE-2025-67813
CVE-2025-67813 affects Quest KACE Desktop Authority up to and including version 11.3.1. The vulnerability is insecure permissions on named pipes used for inter-process communication, exposing IPC to inappropriate access or manipulation. Impact is described in connected sources as insecure named p...
Quest KACE Desktop Authority Cross-Site Scripting Vulnerability
Quest KACE Desktop Authority is a desktop management software from Quest, Inc. A cross-site scripting vulnerability exists in Quest KACE Desktop Authority, which can be exploited by remote attackers to submit special requests that can cause untrusted HTML to reach jQuery's jQuery. htmlPrefilter...
Quest KACE Desktop Authority XXE Vulnerability
Quest KACE Desktop Authority is a desktop management software from Quest, Inc. Quest KACE Desktop Authority is vulnerable to XXE and no detailed vulnerability details are available at this time...
CVE-2021-44030
Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery...
CVE-2021-44029
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known due...
CVE-2021-44031
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at /images/GUID/filename...
CVE-2021-44030
Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery...
CVE-2021-44031
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at /images/GUID/filename...
CVE-2021-44029
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known due...
CVE-2021-44028
XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285...
CVE-2021-44028
XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285...
Design/Logic Flaw
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at /images/GUID/filename...
Server side request forgery (ssrf)
Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery...