894 matches found
CVE-2026-33451 Arbitrary read/write vulnerability in Windows clients prior to 14.50
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...
CVE-2026-33451
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...
CVE-2026-33451
CVE-2026-33451 : An arbitrary read/write vulnerability exists in the Secure Access Windows client prior to version 14.50. With local control of the Windows client, an attacker can send malformed data to a documented API and elevate privileges to SYSTEM. The connected documents confirm the affecte...
Absolute Secure Access Windows client 资源管理错误漏洞
Absolute Secure Access Windows client is a security access control client developed by Absolute Corporation. Versions of Absolute Secure Access Windows client prior to version 14.50 contain a resource management vulnerability caused by memory corruption. This vulnerability could allow local...
PT-2026-36175
Name of the Vulnerable Software and Affected Versions Secure Access Windows client versions prior to 14.50 Description An arbitrary read/write issue exists where attackers with local control of the Windows client can send malformed data to an API to elevate their privileges to system level...
PT-2026-36176
Name of the Vulnerable Software and Affected Versions Secure Access Windows client versions prior to 14.50 Description A buffer overflow occurs in the software, which allows attackers with local control of the Windows client to cause a system crash, resulting in a blue screen. Recommendations...
PT-2026-36180
Name of the Vulnerable Software and Affected Versions Secure Access Windows client versions prior to 14.50 Description A buffer overflow occurs in the Secure Access Windows client. Attackers with local control of the client can exploit this to trigger a denial of service DoS, which is a condition...
CVE-2026-2810 Endpoint DLP Driver Out-of-Bounds Read
Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death BSOD. Successful...
Microsoft Windows 安全漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows OLE. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affected: Windows 11...
Microsoft Windows COM 安全漏洞
Microsoft Windows COM is a technology developed by Microsoft Corporation in the United States, aimed at reusing software. COM is described as a platform-independent, distributed, object-oriented system used for creating interactive binary software components. There are security vulnerabilities in...
Microsoft Projected File System 资源管理错误漏洞
The Microsoft Projected File System is an application system developed by Microsoft Corporation. It projects hierarchical data into the file system, making it appear as files and directories within the file system. The Microsoft Projected File System has a resource management vulnerability...
Microsoft Windows Cloud Files Mini Filter Driver 资源管理错误漏洞
The Microsoft Windows Cloud Files Mini Filter Driver is a cloud file filter driver developed by Microsoft Corporation. There is a resource management vulnerability present in the Microsoft Windows Cloud Files Mini Filter Driver. Attackers can exploit this vulnerability to gain higher privileges...
Microsoft Windows Remote Desktop Services 安全漏洞
Microsoft Windows Remote Desktop Services is a set of features provided by Microsoft that allow users to access graphical desktops and Windows applications remotely. There are security vulnerabilities in Microsoft Windows Remote Desktop Services. Attackers can exploit these vulnerabilities to car...
Microsoft Windows Push Notifications 资源管理错误漏洞
Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. There is a resource management vulnerability in Microsoft Windows Push Notifications. Attackers can exploit this vulnerability to gain elevated...
CVE-2026-30902
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-1995
CVE-2026-1995 – IDrive for Windows privilege escalation : The id_service.exe process runs with SYSTEM privileges and reads UTF-16LE files under C:\ProgramData\IDrive. Any standard user can edit these files, enabling an attacker to overwrite or point the file contents to an arbitrary executable. T...
CVE-2026-1995 IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability
IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...
IDrive for Windows contains local privilege escalation vulnerability
Overview The IDrive Cloud Backup Client for Windows, versions 7.0.0.63 and earlier, contains a privilege escalation vulnerability that allows any authenticated user to run arbitrary executables with NT AUTHORITY\SYSTEM permissions. Description IDrive is a cloud backup service that allows users to...
CVE-2026-2809 Endpoint DLP Driver DLL
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...
CVE-2026-2809
CVE-2026-2809 concerns Netskope’s Endpoint DLP Driver DLL Injector on Windows. Reported as a potential integer overflow in the DLL Injector, exploiting it may cause a local BSOD and denial of service, with exploitation requiring the Endpoint DLP module to be enabled in the client configuration. C...