CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-26630 – Microsoft Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26630
11 Mar 2025 — Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26630 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21186 – Microsoft Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21186
14 Jan 2025 — Microsoft Access Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21186 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21395 – Microsoft Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21395
14 Jan 2025 — Microsoft Access Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21395 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21366 – Microsoft Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21366
14 Jan 2025 — Microsoft Access Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21366 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49142 – Microsoft Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49142
10 Dec 2024 — Microsoft Access Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49142 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6335
https://notcve.org/view.php?id=CVE-2023-6335
16 Jan 2024 — Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. La vulnerabilidad de resolución de enlace incorrecta antes del acceso al archivo ("Link Following") en HYPR Workforce Access en Windows permite el nombre de archivo controlado por el usuario. Este problema afecta a Workforce Access: antes de 8.7. • https://www.hypr.com/security-advisories • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6334
https://notcve.org/view.php?id=CVE-2023-6334
16 Jan 2024 — Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. Vulnerabilidad de restricción inadecuada de operaciones dentro de los límites en búfer de memoria en HYPR Workforce Access en Windows permite desbordamiento de búferes. Este problema afecta a Workforce Access: versiones anteriores a 8.7. • https://www.hypr.com/security-advisories • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-5097
https://notcve.org/view.php?id=CVE-2023-5097
16 Jan 2024 — Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7. La vulnerabilidad de validación de entrada incorrecta en HYPR Workforce Access en Windows permite path traversal. Este problema afecta a Workforce Access: versiones anteriores a 8.7. • https://www.hypr.com/security-advisories • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 788EXPL: 1CVE-2023-6105 – ManageEngine Information Disclosure in Multiple Products
https://notcve.org/view.php?id=CVE-2023-6105
15 Nov 2023 — An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database. Existe una vulnerabilidad de divulgación de información en varios productos ManageEngine que puede provocar la exposición de claves de cifrado... • https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-41718
https://notcve.org/view.php?id=CVE-2023-41718
14 Nov 2023 — When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file. Cuando se inicia un flujo de proceso particular, un atacante puede obtener privilegios elevados no autorizados en el sistema afectado al tener control sobre un archivo específico. • https://forums.ivanti.com/s/article/Security-fixes-included-in-the-latest-Ivanti-Secure-Access-Client-Release • CWE-276: Incorrect Default Permissions •