|
1231
|
5.5 |
MEDIUM
Local
|
absolute
|
secure_access
|
CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access
Windows client prior to 14.50. Attackers with local control of the
Windows client can use it to ‘blue screen’ the system.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-33452
|
2026-05-5 11:31 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1232
|
7.8 |
HIGH
Local
|
absolute
|
secure_access
|
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure
Access Windows client prior to 14.50. Attackers with local control of
the Windows client can send malformed data to an API and …
|
CWE-125
Out-of-bounds Read
|
CVE-2026-33451
|
2026-05-5 11:31 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1233
|
5.5 |
MEDIUM
Local
|
absolute
|
secure_access
|
CVE-2026-33450 is an out of bounds read vulnerability in the Secure
Access MacOS client prior to 14.50. Attackers with control of a modified
server can send a malformed packet to the client causing…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-33450
|
2026-05-5 11:31 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1234
|
7.5 |
HIGH
Network
|
absolute
|
secure_access
|
CVE-2026-33449 is a buffer overflow in a message handling function of
the Secure Access client prior to 14.50. Attackers with control of
a modified server can send a cryptographically valid message…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-33449
|
2026-05-5 11:27 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1235
|
3.3 |
LOW
Local
|
absolute
|
secure_access
|
CVE-2026-33448 is a format string vulnerability in the logging subsystem
of Secure Access client for MacOS prior to 14.50. Attackers with
control of a modified server can force the client to dump t…
|
CWE-200
Information Exposure
|
CVE-2026-33448
|
2026-05-5 11:27 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1236
|
9.8 |
CRITICAL
Network
|
absolute
|
secure_access
|
CVE-2026-33447 is a buffer overflow in a message parsing function of the
Secure Access client prior to 14.50. Attackers with control of a
modified server can send a special packet that can overwrit…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-33447
|
2026-05-5 11:26 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1237
|
9.8 |
CRITICAL
Network
|
absolute
|
secure_access
|
CVE-2026-33446 is a buffer overflow in the authentication sub-system of
the Secure Access client prior to 14.50. Attackers with control of a
modified server can send a special packet that can overw…
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-33446
|
2026-05-5 11:19 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1238
|
7.2 |
HIGH
Network
|
amazon
|
amazon_ecs_container_agent
|
Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticat…
|
CWE-78
OS Command
|
CVE-2026-7461
|
2026-05-5 11:18 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1239
|
5.9 |
MEDIUM
Network
|
hex
|
hex
|
Insufficient Verification of Data Authenticity vulnerability in hexpm hex (Hex.RemoteConverger module) allows dependency integrity bypass via unverified lockfile checksums.
Hex stores checksums for …
|
CWE-354
CWE-494
Improper Validation of Integrity Check Value
Download of Code Without Integrity Check
|
CVE-2026-32148
|
2026-05-5 11:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1240
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or r…
|
CWE-287
Improper Authentication
|
CVE-2026-5722
|
2026-05-5 11:16 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
