| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in versions prior to 15.70 of TeamViewer Remote and Tensor — allows an attacker with local, unprivileged access to a device lacking adequate malware protection to escalate privileges by spoofing the update file path. This may result in unauthorized access to sensitive information. |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability |
| Clipboard Virtual Channel Extension Remote Code Execution Vulnerability |
| Visual Studio Code Remote Extension Elevation of Privilege Vulnerability |
| Remote Desktop Protocol Client Information Disclosure Vulnerability |
| Remote Desktop Protocol Client Information Disclosure Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
| Windows Remote Desktop Security Feature Bypass Vulnerability |
| Remote Desktop Protocol Client Information Disclosure Vulnerability |
| A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. |
| Windows Remote Desktop Security Feature Bypass Vulnerability |
| Remote Desktop Protocol Client Information Disclosure Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
| Remote Desktop Client Remote Code Execution Vulnerability |
| Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.
|
| Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability." |
| The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a web page that triggers access to a deleted object, and allows remote RDP servers to execute arbitrary code via unspecified vectors that trigger access to a deleted object, aka "RDP ActiveX Control Remote Code Execution Vulnerability." |
