Lucene search
K

17 matches found

CVE
CVE
added 2026/02/10 5:51 p.m.604 views

CVE-2026-21517

CVE-2026-21517 affectancy: Windows App for Mac is impacted by an improper link resolution before file access ("link following"). The underlying issue allows an authorized local attacker to escalate privileges. The CVSS 3.1 base metrics indicate Local attack vector, high impact on confidentiality,...

7CVSS5.5AI score0.00355EPSS
CVE
CVE
added 2024/12/10 8:6 p.m.151 views

CVE-2024-49105

CVE-2024-49105 affects the Windows Remote Desktop Client. It enables remote code execution over the network; exploitation requires user interaction and high privileges, with high impacts to confidentiality, integrity, and availability. CVSS v3.1 base score 8.4 (Network, Low attack complexity, Pri...

8.4CVSS8.6AI score0.01478EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.150 views

CVE-2026-42992

CVE-2026-42992 describes a heap-based buffer overflow in the Remote Desktop Client that could allow an unauthenticated attacker to execute code over the network. The vulnerability affects the Remote Desktop Client as described across multiple sources (NVD, CVE listings, and Microsoft’s advisory)....

7.5CVSS6AI score0.00461EPSS
CVE
CVE
added 2025/03/11 4:59 p.m.136 views

CVE-2025-26645

CVE-2025-26645 affects the Windows Remote Desktop Client. The vulnerability is a relative path traversal in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. According to the published metrics, the exploit requires network access with low attack c...

8.8CVSS8.8AI score0.03227EPSS
CVE
CVE
added 2025/04/08 5:24 p.m.115 views

CVE-2025-27487

CVE-2025-27487 is a heap-based buffer overflow in Windows Remote Desktop Client that allows an authenticated attacker to execute code over the network (CVSSv3.1: 8.0 HIGH; AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H). Connected sources confirm this vulnerability and reference remote desktop RCE updates. ...

8CVSS8.1AI score0.013EPSS
CVE
CVE
added 2025/05/13 4:58 p.m.111 views

CVE-2025-29966

Technical details about CVE-2025-29966 (affected software/components, root cause, impact, or fixes) are not provided in the connected documents. Monitor for updates and sources in the feed for any concrete information.

8.8CVSS8.1AI score0.01158EPSS
CVE
CVE
added 2025/07/08 4:57 p.m.89 views

CVE-2025-48817

Technical details about CVE-2025-48817 are not publicly provided in the supplied documents. No vendor/product/versions or mitigations are disclosed here. Monitor official advisories for updates.

8.8CVSS7AI score0.00935EPSS
CVE
CVE
added 2025/06/10 5:2 p.m.86 views

CVE-2025-32715

CVE-2025-32715 is a vulnerability in the Windows Remote Desktop Client described as an out-of-bounds read that can lead to information disclosure . The connected NCSC advisory lists CVSS v3.1/6.50 with an impact of Access to sensitive data . Exploitation details, affected product versions, and sp...

6.5CVSS6.2AI score0.01241EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.85 views

CVE-2026-42985

CVE-2026-42985 is described in connected sources as a heap-based buffer overflow in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. The initial and connected docs provide the vulnerability description and a high CVSS score (8.8, HIGH) with netwo...

8.8CVSS6AI score0.00981EPSS
CVE
CVE
added 2026/03/10 5:5 p.m.66 views

CVE-2026-23656

CVE-2026-23656 involves Windows App Installer and is driven by insufficient verification of data authenticity, enabling an unauthenticated attacker to spoof over a network. Public details in connected advisories confirm this spoofing risk and tie it to Windows App Installer across Windows clients...

5.9CVSS5.8AI score0.00297EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.51 views

CVE-2026-42909

CVE-2026-42909 involves a heap-based buffer overflow in the Remote Desktop Client that enables a remote attacker to execute code over the network. The vulnerability arises from improper handling of data during remote desktop operations, leading to memory corruption. The CVSS-3.1 vector (AV:N/AC:H...

7.5CVSS6AI score0.00397EPSS
CVE
CVE
added 2025/10/14 5:1 p.m.46 views

CVE-2025-58718

CVE-2025-58718 is a use-after-free in the Windows Remote Desktop Client that allows a network-based, unauthenticated attacker to execute code on the affected system. CVSSv3.1 shows AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with a base score of 8.8 (HIGH); exploitation requires user interaction. Connect...

8.8CVSS7.2AI score0.00562EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.40 views

CVE-2026-42908

The CVE-2026-42908 entry describes an Out-of-bounds read in Windows Remote Desktop Protocol (RDP) that enables an unauthenticated attacker to disclose information over the network. Affected component is Windows RDP; the underlying fault is an out-of-bounds read, leading to information disclosure....

7.5CVSS5.4AI score0.0087EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.38 views

CVE-2026-47289

CVE-2026-47289 is a heap-based buffer overflow in the Remote Desktop Client that enables remote code execution over a network. The vulnerability is exploitable remotely (attack vector: NETWORK) with low complexity and requires user interaction, yielding a high impact on confidentiality, integrity...

8.8CVSS6AI score0.01001EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.31 views

CVE-2026-44799

This CVE (CVE-2026-44799) describes a heap-based buffer overflow in the Remote Desktop Client that allows an unauthorized attacker to execute code remotely over a network . The connected records corroborate a network-based, remote code execution vulnerability affecting the Remote Desktop Client, ...

7.5CVSS6AI score0.00461EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.31 views

CVE-2026-44801

CVE-2026-44801 = heap-based buffer overflow in Remote Desktop Client enabling a remote code execution by an unauthenticated attacker over the network. Root cause: heap overflow; impact: remote execution of code. Affected software/version details are not provided in the documents. No exploit statu...

7.5CVSS6AI score0.00461EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.30 views

CVE-2026-45639

The CVE-2026-45639 entry relates to an out-of-bounds read in Windows Remote Desktop Protocol (RDP). The underlying issue enables an unauthenticated, network-based attacker to disclose information over the network without user interaction. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:...

7.5CVSS5.4AI score0.0087EPSS