16 matches found
CVE-2026-21517
CVE-2026-21517 affectancy: Windows App for Mac is impacted by an improper link resolution before file access ("link following"). The underlying issue allows an authorized local attacker to escalate privileges. The CVSS 3.1 base metrics indicate Local attack vector, high impact on confidentiality,...
CVE-2024-49105
CVE-2024-49105 affects the Windows Remote Desktop Client. It enables remote code execution over the network; exploitation requires user interaction and high privileges, with high impacts to confidentiality, integrity, and availability. CVSS v3.1 base score 8.4 (Network, Low attack complexity, Pri...
CVE-2020-0919
CVE-2020-0919 is an elevation-of-privilege vulnerability in the Microsoft Remote Desktop App for Mac caused by improper handling of unsigned binaries during load/signature validation. Reported impact is privilege escalation for an attacker who gains access to the user’s system and can execute cod...
CVE-2025-26645
CVE-2025-26645 affects the Windows Remote Desktop Client. The vulnerability is a relative path traversal in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. According to the published metrics, the exploit requires network access with low attack c...
CVE-2025-27487
CVE-2025-27487 is a heap-based buffer overflow in Windows Remote Desktop Client that allows an authenticated attacker to execute code over the network (CVSSv3.1: 8.0 HIGH; AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H). Connected sources confirm this vulnerability and reference remote desktop RCE updates. ...
CVE-2025-29966
Technical details about CVE-2025-29966 (affected software/components, root cause, impact, or fixes) are not provided in the connected documents. Monitor for updates and sources in the feed for any concrete information.
CVE-2025-32715
CVE-2025-32715 is a vulnerability in the Windows Remote Desktop Client described as an out-of-bounds read that can lead to information disclosure . The connected NCSC advisory lists CVSS v3.1/6.50 with an impact of Access to sensitive data . Exploitation details, affected product versions, and sp...
CVE-2025-48817
Technical details about CVE-2025-48817 are not publicly provided in the supplied documents. No vendor/product/versions or mitigations are disclosed here. Monitor official advisories for updates.
CVE-2026-42992
CVE-2026-42992 describes a heap-based buffer overflow in the Remote Desktop Client that could allow an unauthenticated attacker to execute code over the network. The vulnerability affects the Remote Desktop Client as described across multiple sources (NVD, CVE listings, and Microsoft’s advisory)....
CVE-2026-23656
CVE-2026-23656 involves Windows App Installer and is driven by insufficient verification of data authenticity, enabling an unauthenticated attacker to spoof over a network. Public details in connected advisories confirm this spoofing risk and tie it to Windows App Installer across Windows clients...
CVE-2026-42985
CVE-2026-42985 is described in connected sources as a heap-based buffer overflow in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. The initial and connected docs provide the vulnerability description and a high CVSS score (8.8, HIGH) with netwo...
CVE-2025-58718
CVE-2025-58718 is a use-after-free in the Windows Remote Desktop Client that allows a network-based, unauthenticated attacker to execute code on the affected system. CVSSv3.1 shows AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with a base score of 8.8 (HIGH); exploitation requires user interaction. Connect...
CVE-2026-42909
CVE-2026-42909 involves a heap-based buffer overflow in the Remote Desktop Client that enables a remote attacker to execute code over the network. The vulnerability arises from improper handling of data during remote desktop operations, leading to memory corruption. The CVSS-3.1 vector (AV:N/AC:H...
CVE-2026-44799
This CVE (CVE-2026-44799) describes a heap-based buffer overflow in the Remote Desktop Client that allows an unauthorized attacker to execute code remotely over a network . The connected records corroborate a network-based, remote code execution vulnerability affecting the Remote Desktop Client, ...
CVE-2026-44801
CVE-2026-44801 = heap-based buffer overflow in Remote Desktop Client enabling a remote code execution by an unauthenticated attacker over the network. Root cause: heap overflow; impact: remote execution of code. Affected software/version details are not provided in the documents. No exploit statu...
CVE-2026-47289
CVE-2026-47289 is a heap-based buffer overflow in the Remote Desktop Client that enables remote code execution over a network. The vulnerability is exploitable remotely (attack vector: NETWORK) with low complexity and requires user interaction, yielding a high impact on confidentiality, integrity...