21 matches found

RedhatCVE
added 2026/05/01 8:48 p.m. | views: 1

CVE-2026-33450

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can send a malformed packet to the client causing a denial of service...

CVSS 5.5 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 1
NVD
added 2026/04/30 9:16 p.m. | views: 1

CVE-2026-33450

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can send a malformed packet to the client causing a denial of service...

CVSS 5.5 | EPSS 0.0004
Exploits: 0 | References: 1
NVD
added 2026/04/30 8:16 p.m. | views: 3

CVE-2026-33446

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

CVSS 9.8 | EPSS 0.00074
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/30 8:4 p.m. | views: 1

CVE-2026-33450

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can send a malformed packet to the client causing a denial of service...

CVSS 2.3 | AI score 5.3 | EPSS 0.0004
Exploits: 0 | References: 2
EUVD
added 2026/04/30 8:4 p.m. | views: 0

EUVD-2026-26422

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can send a malformed packet to the client causing a denial of service...

CVSS 2.3 | AI score 5.3 | EPSS 0.0004
Exploits: 0 | References: 1
EUVD
added 2026/04/30 7:52 p.m. | views: 0

EUVD-2026-26421

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a denial of service...

CVSS 2.3 | AI score 5.7 | EPSS 0.00061
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/30 7:52 p.m. | views: 0

CVE-2026-33449

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a denial of service...

CVSS 2.3 | AI score 5.7 | EPSS 0.00061
Exploits: 0 | References: 2
Vulnrichment
added 2026/04/30 7:52 p.m. | views: 3

CVE-2026-33449 Message handler buffer overflow in clients prior to 14.50

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a denial of service...

CVSS 2.3 | AI score 6.1 | EPSS 0.00061
Exploits: 0 | References: 1
Cvelist
added 2026/04/30 7:43 p.m. | views: 23

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

CVSS 2.3 | EPSS 0.00085
Exploits: 0 | References: 1
Vulnrichment
added 2026/04/30 7:36 p.m. | views: 1

CVE-2026-33446 Buffer overflow in client authentication prior to version 14.50

CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or a denial of service...

CVSS 2.3 | AI score 6 | EPSS 0.00074
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/30 12:0 a.m. | views: 2

PT-2026-36174

Name of the Vulnerable Software and Affected Versions: Secure Access MacOS client versions prior to 14.50. Description: An out of bounds read occurs when attackers controlling a modified server send a malformed packet to the client, resulting in a denial of service. Recommendations: Update to version...

CVSS 2.3 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 5
Positive Technologies
added 2026/04/30 12:0 a.m. | views: 3

PT-2026-36173

Name of the Vulnerable Software and Affected Versions: Secure Access client versions prior to 14.50. Description: A buffer overflow exists in a message handling function of the client. Attackers controlling a modified server can send a cryptographically valid message to overwrite a small portion of...

CVSS 2.3 | AI score 6 | EPSS 0.00061
Exploits: 0 | References: 5
Positive Technologies
added 2026/04/30 12:0 a.m. | views: 5

PT-2026-36169

Name of the Vulnerable Software and Affected Versions: Secure Access client versions prior to 14.50. Description: A buffer overflow exists in a message parsing function of the client. Attackers controlling a modified server can send a specially crafted packet to overwrite a small portion of memory,...

CVSS 9.8 | AI score 6 | EPSS 0.00085
Exploits: 0 | References: 7
Microsoft CVE
added 2024/07/12 7:0 a.m. | views: 3

In PostgreSQL a modified unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.

...

CVSS 3.7 | AI score 6.3 | EPSS 0.0032
Exploits: 0
RedHat Linux
added 2023/12/07 8:26 a.m. | views: 1

postgresql: Client memory disclosure when connecting with Kerberos to modified server

A flaw was found in PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CVSS 3.7 | AI score 6.8 | EPSS 0.0032
Exploits: 0 | References: 4
RedHat Linux
added 2023/11/29 2:18 p.m. | views: 0

postgresql: Client memory disclosure when connecting with Kerberos to modified server

A flaw was found in PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CVSS 3.7 | AI score 6.8 | EPSS 0.0032
Exploits: 0 | References: 4
RedHat Linux
added 2023/11/28 4:5 p.m. | views: 0

postgresql: Client memory disclosure when connecting with Kerberos to modified server

A flaw was found in PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CVSS 3.7 | AI score 6.8 | EPSS 0.0032
Exploits: 0 | References: 4
RedHat Linux
added 2023/08/08 8:46 a.m. | views: 2

postgresql: Client memory disclosure when connecting with Kerberos to modified server

A flaw was found in PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CVSS 3.7 | AI score 6.8 | EPSS 0.0032
Exploits: 0 | References: 4
F5 Networks
added 2023/02/21 6:47 p.m. | views: 107

K04665443: OpenSSH vulnerability CVE-2021-36368

Security Advisory Description: DISPUTED An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cann...

CVSS 3.7 | AI score 6.5 | EPSS 0.00432
Exploits: 0
Prion
added 2019/11/21 10:15 p.m. | views: 29

Design/Logic Flaw

The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference...

CVSS 6.5 | AI score 6.6 | EPSS 0.01723
Exploits: 4 | References: 3 | Affected Software: 1