144 matches found
Vulnerability fixed in Cisco Anyconnect Secure Mobility Client and Secure Client
Cisco has fixed a vulnerability in Anyconnect Secure Mobility Client and Secure Client for windows. A local, authenticated malicious party could exploit the vulnerability to grant themselves elevated privileges and execute arbitrary code execute code with privileges from SYSTEM. Cisco has release...
Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows Privilege Escalation Vulnerability
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed aft...
SUSE CVE-2017-8452
Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes...
SA40241 - Pulse client privilege escalation issue (CVE-2016-2408)
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A security vulnerability was discovered within a Pulse Secure client-side component Windows OS only. By exploiting this vulnerability, a restricted user on a endpoint machine can obtain...
2020-06: Out-of-Cycle Advisory: Pulse Secure Client TOCTOU Privilege Escalation Vulnerability (CVE-2020-13162)
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A security vulnerability was discovered within a Pulse Secure client-side component Windows OS only. This is a client-side exploit only and does not affect the PCS or PPS gateway serve...
PT-2022-6663 · Cisco · Cisco Secure Client
Name of the Vulnerable Software and Affected Versions: Cisco Secure Client formerly Cisco AnyConnect Secure Mobility Client versions affected versions not specified Description: A vulnerability in the client update process of Cisco Secure Client Software for Windows could allow a low-privileged,...
F-Secure 多款产品安全漏洞
F-Secure Elements Agent and others are products of F-Secure Finland.F-Secure Elements Agent is a cloud-native endpoint protection system.F-Secure MDR is a managed network security service.F-Secure Client Security is a client security F-Secure Client Security is a client-side security solution. A...
CVE-2020-8254
A vulnerability in the Pulse Secure Desktop Client 9.1R9 has Remote Code Execution RCE if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Secure, see below...
Vulnerability fixed in Pulse Secure Client for Windows
A vulnerability has been fixed in Pulse Secure Client for Windows. The vulnerability allows a locally authenticated malicious party the ability to obtain elevated SYSTEM privileges. obtain. Security researcher Red Timmy Security has published a write-up regarding the vulnerability published at:...
CVE-2020-13162
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows which runs as NT AUTHORITY/SYSTEM allows unprivileged users to run a Microsoft Installer executable with elevated privileges...
CVE-2020-13162
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows which runs as NT AUTHORITY/SYSTEM allows unprivileged users to run a Microsoft Installer executable with elevated privileges...
PT-2020-5945 · Pulse Secure · Pulse Secure Client
Name of the Vulnerable Software and Affected Versions: Pulse Secure Client versions prior to 9.1.6 Description: A time-of-check time-of-use vulnerability in PulseSecureService.exe allows unprivileged users to run a Microsoft Installer executable with elevated privileges. This issue is caused by a...
CVE-2020-13162
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows which runs as NT AUTHORITY/SYSTEM allows unprivileged users to run a Microsoft Installer executable with elevated privileges. Recent assessments:...
[SECURITY] Fedora 29 Update: electron-cash-3.3.4-1.fc29
Electron Cash is an easy to use Bitcoin Cash client. It protects you from l osing coins in a backup mistake or computer failure, because your wallet can be recovered from a secret phrase that you can write on paper or learn by heart. There is no waiting time when you start the client, because it...
CVE-2018-7572
Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrupt the client's network...
CVE-2018-7572
Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrupt the client's network...
Authentication flaw
Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrupt the client's network...
CVE-2018-7572
Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the system with the privileges of Pulse Secure Client. The attacker must interrupt the client's network...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse 1 dvccsabase002.dll, 2 conman.dll, 3...
CVE-2010-5203
CVE-2010-5203 affects NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client – Juniper Edition before 9.23 Build 18. The issue is an untrusted search path privilege escalation where local users can gain privileges via Trojan horse files in t...