52 matches found
CVE-2020-37251
RealTimes Desktop Service 18.1.4 contains an unquoted service path vulnerability in the rpdsvc.exe binary that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories to execute arbitrary code with LocalSystem privileges during service...
EUVD-2020-31252
RealTimes Desktop Service 18.1.4 contains an unquoted service path vulnerability in the rpdsvc.exe binary that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories to execute arbitrary code with LocalSystem privileges during service...
CVE-2020-37251 RealTimes Desktop Service 18.1.4 Unquoted Service Path Privilege Escalation
RealTimes Desktop Service 18.1.4 contains an unquoted service path vulnerability in the rpdsvc.exe binary that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories to execute arbitrary code with LocalSystem privileges during service...
CVE-2020-37251
RealTimes Desktop Service 18.1.4 contains an unquoted service path vulnerability in the rpdsvc.exe binary that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories to execute arbitrary code with LocalSystem privileges during service...
CVE-2021-27007
NetApp Virtual Desktop Service VDS when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote Desktop Session...
VulnCheck KEV: CVE-2024-37393
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...
CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
EUVD-2021-13780
Malware in sbrugna...
EUVD-2024-37197
Malicious code in bioql PyPI...
CVE-2025-6196
CVE-2025-6196 affects libgepub, a library used to read EPUB files. The underlying issue is an integer/size calculation problem in the EPUB archive handling, which can lead to oversized memory allocations and crash the application. Documented impact includes potential denial of service when parsin...
Citrix Virtual Apps and Desktops - ICA Launch failure, Connection was terminated by the server
When user tries to launch a session it fails with the error displayed in Citrix Workspace App: Connection was terminated by the server. Citrix Director displays User Connection Failures; Reason: Unavailable Licenses You can find the events in the Event Viewer on the Delivery Controller: Event ID:...
Patch Tuesday - July 2024
Microsoft is addressing 139 vulnerabilities this July 2024 Patch Tuesday, which is on the high side in terms of typical CVE counts. They’ve also republished details for 4 CVEs issued by other vendors that affect Microsoft products. Microsoft has evidence of in-the-wild exploitation for 2 of the...
CVE-2024-38072 Windows Remote Desktop Licensing Service Denial of Service Vulnerability
...
CVE-2023-27322
CVE-2023-27322 affects Parallels Desktop Service, with a local privilege escalation caused by improper initialization of environment variables in the Parallels Service. The vulnerability enables a local attacker who already has low-privilege code execution access to escalate to root and execute a...
CVE-2023-2112
Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0...
PT-2023-17911 · M Files · My Files
Name of the Vulnerable Software and Affected Versions: M-Files versions prior to 23.4.12455.0 Description: The issue allows lateral movement between sessions in the desktop component service. Recommendations: For versions prior to 23.4.12455.0, update to version 23.4.12455.0 or later to resolve t...
VDAs are still trying to register with old DDCs post changing the list of DDCs
Post changing the Delivery Controllers list, VDAs are still trying to register with the old Controllers. Deletes the old Delivery Controllers FQDN on "ListOfDDCs" key in "HKLM\Software\Citrix\VirtualDesktopAgent\Policy" registry and restarts the Citrix desktop service, however the VDAs are still...
NetApp Virtual Desktop Service has an unspecified vulnerability
Netapp NetApp Virtual Desktop Service is a simple desktop service from NetApp USA that automates, manages and optimizes your digital workspace in the public cloud. When used with an HTML5 gateway, an attacker could exploit this vulnerability to take over a remote desktop session...
NetApp Virtual Desktop Service 安全漏洞
Netapp NetApp Virtual Desktop Service is a simple desktop service from NetApp USA that automates, manages and optimizes your digital workspace in the public cloud. When used with an HTML5 gateway, an attacker could exploit this vulnerability to take over a remote desktop session...
Citrix Cloud : VDAs session count increases and the Load index does not show the right value
Events on Server VDA: Event ID : 1039 Source : Citrix Desktop Service Error Details : The Citrix Desktop Service failed to initialize a performance counter. Load management associated with this counter will be disabled...