CVE-2026-40950

CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially crafted message to the server and cause a denial of service...

CVE-2026-40950

CVE-2026-40950 is a buffer overflow in the Secure Access server prior to 14.50. The vulnerability can be triggered when an attacker in control of a modified client sends a specially crafted message to the server, leading to denial of service. The assessed CVSS 4.0 vector (AV:N/AC:L/PR:L/UI:N/VC:N...

CVE-2026-40950

CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially crafted message to the server and cause a denial of service...

CVE-2026-40950 Buffer overflow in the Secure Access server prior to 14.50

CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially crafted message to the server and cause a denial of service...

EUVD-2026-26430

CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially crafted message to the server and cause a denial of service...

PT-2026-36181

Name of the Vulnerable Software and Affected Versions Secure Access server versions prior to 14.50 Description A buffer overflow occurs when a program writes more data to a block of memory than it can hold. In this case, attackers using a modified client can send a specially crafted message to th...

EUVD-2005-2791

Malware in sbrugna...

CVE-2022-24125

The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...

Nicotine+安全漏洞

Nicotine+ is a graphical client for the Soulseek peer-to-peer network. Designed to be a pleasant, free and open source FOSS alternative to the official Soulseek client, it provides additional functionality while staying synchronized with the Soulseek protocol. Nicotine+ version 3.0.3 and later A...

Code injection

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device,...

EMC Avamar Data Store and Avamar Virtual Edition Backup Data Read Vulnerability

EMC Avamar is a backup and recovery solution. EMC Avamar Server's ADS and AVE rely on client-side authentication, allowing remote attackers to read backup information using a vulnerable modified client agent...

CVE-2016-0019

The Remote Desktop Protocol RDP service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows Remote Desktop Protocol Security Bypass...

CVE-2008-1883

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string...

Design/Logic Flaw

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string...

CVE-2004-2592

Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service application crash via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines...

Information leakage in Quake2

It's possible to retrieve any server variables vaules including $rconpassword by using modified client without $-variables expanding...

Remote quake 2 3.2x server cvar leak

Hello, A problem exists in the Quake II Server for any OS probably all versions; tested 3.20 and 3.21 discovered by 'Redix' that allows server cvars containing sensitve information to be leaked. This has been known for a little over 2 months, I run several Q2 servers and only learned of it today...