321 matches found
CVE-2026-7539
A potential security vulnerability has been identified in the HP Accessory WMI Provider installer for some HP Docking Stations, which might allow escalation of privilege and/or arbitrary code execution. HP is releasing software updates to mitigate the potential vulnerability...
CVE-2026-7539
Technical details about CVE-2026-7539 are not publicly available in the provided documents. Monitor for updates from HP and CVE records for affected products, affected components, and fixes.
PT-2026-52085
Name of the Vulnerable Software and Affected Versions HP Accessory WMI Provider installer affected versions not specified Description A security issue exists in the HP Accessory WMI Provider installer used for certain HP Docking Stations. This flaw could allow an attacker to achieve escalation of...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the windowsMDMManagement endpoint. An attacker can gain unauthorized access to management functionality by bypassing authentication mechanisms. Remediation Upgrade github.com/fleetdm/fleet/server/service to...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the windowsMDMManagement endpoint. An attacker can gain unauthorized access to management functionality by bypassing authentication mechanisms. Remediation Upgrade github.com/fleetdm/fleet/v4/server/service t...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the windowsMDMManagement endpoint. An attacker can gain unauthorized access to management functionality by bypassing authentication mechanisms. Remediation Upgrade...
Improper Authentication
Overview Affected versions of this package are vulnerable to Improper Authentication via the windowsMDMManagement endpoint. An attacker can gain unauthorized access to management functionality by bypassing authentication mechanisms. Remediation Upgrade...
CVE-2026-23998
CVE-2026-23998 affects Fleet open-source device management software, specifically the Windows MDM management endpoint. A vulnerability in the endpoint could allow requests without proper client certificate validation to be processed as trusted, enabling an attacker who knows a valid enrolled devi...
Fleet has a Windows MDM management endpoint authentication bypass
Summary A vulnerability in Fleet’s Windows MDM management endpoint could allow requests to be processed without proper client certificate validation. In certain circumstances, this could allow an attacker to impersonate an enrolled Windows device and retrieve sensitive configuration data. Impact...
[SECURITY] Fedora 44 Update: kf6-kwindowsystem-6.25.0-1.fc44
KDE Frameworks Tier 1 integration module that provides classes for managing a nd working with windows...
CVE-2026-20930
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
EUVD-2026-22353
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
CVE-2026-20930
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
CVE-2026-20930
CVE-2026-20930 – Windows Management Services Elevation of Privilege is a confirmed issue: a race condition due to improper synchronization in Windows Management Services can allow an authorized local attacker to elevate privileges. The concurrent-execution flaw affects Windows Management Services...
CVE-2026-20930 Windows Management Services Elevation of Privilege Vulnerability
...
CVE-2026-20930 Windows Management Services Elevation of Privilege Vulnerability
...
Windows Management Services Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...
PT-2026-32719
Name of the Vulnerable Software and Affected Versions Windows Management Services affected versions not specified Description Concurrent execution using a shared resource with improper synchronization, known as a race condition, allows an authorized attacker to elevate privileges locally...
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. "It likely uses AI-assisted obfuscation and process injection to evade static scanning, while credential theft starts immediately and captur...
Exposure of Data Element to Wrong Session
Overview Affected versions of this package are vulnerable to Exposure of Data Element to Wrong Session in the MDM command processing while handling SyncML status code. An attacker can obtain sensitive configuration data belonging to other devices such as WiFi credentials, VPN secrets, and...