18357 matches found
Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting
Oracle Secure Global Desktop Administration Console 4.4 contains a reflected cross-site scripting vulnerability in helpwindow.jsp via all parameters, as demonstrated by the sgdadmin/faces/comsunwebui/help/helpwindow.jsp windowTitle parameter. id: CVE-2018-19439 info: name: Oracle Secure Global...
EUVD-2026-45345
Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network...
CVE-2026-56171
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-56171 for affected products, impacted components, and remediation guidance.
CVE-2026-9602
Mattermost Desktop App versions =6.2 6.0.2 5.6.13.0 fail to validate payloads sent from the Mattermost Web App to the Desktop App which allows a malicious server owner to crash the Mattermost Desktop App via changing the payload of a method to a malformed one. Mattermost Advisory ID: MMSA-2026-00...
CVE-2026-8075
Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...
CVE-2026-8075
Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...
EUVD-2026-45157
Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...
CVE-2026-8075 Posting a malicious markdown image crashes the Mattermost Desktop App
Mattermost Desktop App versions =6.2 5.5.13 6.0.2.0 fail to properly null check when checking for headers in the Mattermost Desktop App which allows any user to crash another channel members Desktop App via posting a malicious link with an embedded image that misses one of those headers. Mattermo...
CVE-2026-8075
CVE-2026-8075 concerns the Mattermost Desktop App. The connected details specify that versions
CVE-2026-9602
Mattermost Desktop App vulnerable versions:
CVE-2026-9602
Mattermost Desktop App versions =6.2 6.0.2 5.6.13.0 fail to validate payloads sent from the Mattermost Web App to the Desktop App which allows a malicious server owner to crash the Mattermost Desktop App via changing the payload of a method to a malformed one. Mattermost Advisory ID: MMSA-2026-00...
EUVD-2026-45156
Mattermost Desktop App versions =6.2 6.0.2 5.6.13.0 fail to validate payloads sent from the Mattermost Web App to the Desktop App which allows a malicious server owner to crash the Mattermost Desktop App via changing the payload of a method to a malformed one. Mattermost Advisory ID: MMSA-2026-00...
CVE-2026-9602 Mattermost Desktop App crashes when malformed arguments are provided to some exposed IPC methods
Mattermost Desktop App versions =6.2 6.0.2 5.6.13.0 fail to validate payloads sent from the Mattermost Web App to the Desktop App which allows a malicious server owner to crash the Mattermost Desktop App via changing the payload of a method to a malformed one. Mattermost Advisory ID: MMSA-2026-00...
CVE-2026-51082
A race condition between the vncproxy and vncwebsocket API calls in Proxmox Virtual Environment (PVE) affects multiple components/versions: pve-manager (9.x before 9.1.9 and 8.x before 8.4.19), qemu-server (9.x before 9.1.7 and 8.x before 8.4.7), and pve-container (6.1.x before 6.1.3 and 5.3.x be...
CVE-2026-53412
Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access...
CVE-2026-53412 Zoom Workplace VDI Plugin for Windows - Improper Input Validation
Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access...
CVE-2026-53412
CVE-2026-53412 affects Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. The root cause is improper input validation, allowing an unauthenticated, network-remote attacker to take over an account. Impact is high (CVE-2026-53412 CVSS v3.1: 9.8, CRITICAL...
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network...
Zoom Patches Critical Windows Flaw That Could Enable Account Takeover
Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover. The vulnerability, tracked as CVE-2026-53412 CVSS score: 9.8, affects Zoom Workplace for Windows before version 7.0.0 and Zoom Workplace VDI Client for...
[SECURITY] Fedora 43 Update: xrdp-0.10.6.1-1.fc43
xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...